
Image credit: Matt Anderson Photography via Getty Images

US recommends Windows users patch against worm vulnerability

Homeland Security has tested the exploit and warns users to update now.

Microsoft Windows users who haven't patched their OS (or are using an unsupported version) are at risk of attackers exploiting a vulnerability known as BlueKeep. The Cybersecurity and Infrastructure Security Agency (CISA), Homeland Security's lead cybersecurity agency, said it successfully tested a working exploit for the BlueKeep vulnerability. Specifically, the agency was able to remotely run code on a Windows 2000 computer using BlueKeep, it stated in an advisory. The bug affects computers that are running Windows 7 or earlier (as well as Windows Server 2003 and 2008), and gives potential attackers access through Microsoft's Remote Desktop Services.

The BlueKeep vulnerability is "wormable", meaning an attacker only has to gain access to one computer in order to gain control of all the other devices on its network. Microsoft already issued patches for the bug last month, but private security firm Errata estimated that millions of devices still remain vulnerable. While an attacker has yet to take advantage of the bug, doing so could easily lead to a repeat of 2017's WannaCry malware outbreak that impacted systems worldwide, including Britain's NHS, Honda and FedEx.

CISA is asking users of older Microsoft systems to install the available security updates. Microsoft has even released patches for operating systems that are no longer officially supported, including Windows Vista, Windows XP, and Windows Server 2003. If you're a regular end-user running Windows 7 or older, you're likely better off upgrading to a newer version of Windows for added security.
