RV_ Posted May 31, 2019 Report Share Posted May 31, 2019 If you are running Windows 10 like me, this shouldn't affect us. A new attack vulnerability is considered serious enough that Microsoft, who no longer supports XP, Vista and other old versions of Windows, has actually developed a patch for some of those old systems because of Bluekeep. Microsoft took the unusual move of crafting a patch for unsupported old versions like Vista and XP because millions around the world run old versions of Windows. Excerpt: "Microsoft has once again warned companies to patch older versions of Windows against a severe vulnerability in the Remote Desktop Protocol (RDP) service that can be abused remotely, and which the company has likened to the EternalBlue exploit that fueled the WannaCry, NotPetya, and Bad Rabbit ransomware outbreaks. To make matters worse, limited proof-of-concept code for exploiting this vulnerability (known as BlueKeep, or CVE-2019-0708) has surfaced online over the last two days. "Microsoft is confident that an exploit exists for this vulnerability, and if recent reports are accurate, nearly one million computers connected directly to the internet are still vulnerable to CVE-2019-0708," said Simon Pope, Director of Incident Response, Microsoft Security Response Center (MSRC). Scans for computers vulnerable to BlueKeep have been going on for almost a week at an ever-increasing pace. The OS maker is now sounding the last alarm before actual attacks get underway. Patches are currently available for Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008 -- the Windows versions vulnerable to BlueKeep attacks." More and links in the original article here: https://www.zdnet.com/article/microsoft-issues-second-warning-about-patching-bluekeep-as-poc-code-goes-public/ Microsoft's page for end of support cycles for their various products: https://support.microsoft.com/en-us/hub/4095338/microsoft-lifecycle-policy Microsoft's page with the patch links: https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/?ranMID=24542&ranEAID=je6NUbpObpQ&ranSiteID=je6NUbpObpQ-i2Zh8tgGh4a8wBTIT8df5Q&epi=je6NUbpObpQ-i2Zh8tgGh4a8wBTIT8df5Q&irgwc=1&OCID=AID681541_aff_7593_1243925&tduid=(ir__39lx919ztokfr0vokk0sohzg0u2xmdexqsqdwi3h00)(7593)(1243925)(je6NUbpObpQ-i2Zh8tgGh4a8wBTIT8df5Q)()&irclickid=_39lx919ztokfr0vokk0sohzg0u2xmdexqsqdwi3h00 "It is for these reasons that we strongly advise that all affected systems – irrespective of whether NLA is enabled or not – should be updated as soon as possible. " ResourcesLinks to downloads for Windows 7, Windows 2008 R2, and Windows 2008Links to downloads for Windows 2003 and Windows XP RV/Derekhttp://www.rvroadie.com Email on the bottom of my website page.Retired AF 1971-1998 When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius “Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.