Earlier this month, Microsoft revealed a major vulnerability in Windows that could see a widespread "wormable" attack that spread from one vulnerable computer to another. We saw a similar shortcoming in 2017 that caused the WannaCry malware to cause chaos for thousands of machines.
Although Microsoft has released patches for Windows systems, even for older server and Windows XP machines, recent reports have revealed that there are at least 1 million systems connected to the Internet that can be attacked. "Microsoft is convinced that there is an exploit for this vulnerability," warns Simon Pope, director of incident response at Microsoft & # 39; s Security Response Center (MSRC). "It's only been two weeks since the fix was released and there's no trace of a worm. This doesn't mean we're out of the woods. & # 39;
Pope notes that it was almost two months after the release of patches for the previous EternalBlue exploitation when WannaCry attacks began, and despite 60 days of patching systems, many machines were still infected. The exploitation of EternalBlue was leaked publicly, allowing hackers to freely create malware. This new BlueKeep error has not been made public yet, but that does not mean that there will be no malware. "It is possible that this vulnerability will not be included in malware," says Pope. "But that's not the way to gamble."
This new major security exploitation of Windows includes a critical issue with remote code execution in Remote Desktop Services that exists in Windows XP, Windows 7 and server versions such as Windows Server 2003, Windows Server 2008 R2 and Windows Server 2008. These operating systems are still a large part of the Windows machines used, especially in business environments. Microsoft is now urging system administrators to update the machines as quickly as possible.