Attack threatens unpatched Windows computers

Microsoft strongly advises that all affected systems should be updated.

The warning titled A Reminder to Update Your Systems to Prevent a Worm has been posted on the Microsoft Security Response Center blog. Microsoft strongly advises that all affected systems should be updated as soon as possible.

About two weeks ago, Microsoft patched the serious CVE-2019-0708 vulnerability in all versions of Windows with an emergency update. The zero-day vulnerability, now also known as Bluekeep, is considered extremely dangerous. The Remote Code Execution vulnerability in Windows' Remote Desktop Services could be exploited by attackers for a large-scale attack that could be as dangerous as the WannaCry attack a few years ago.

A report by Errata Security has now determined that there are more than 900,000 unpatched computers still vulnerable. These computers have not yet installed the update that protects against a Bluekeep attack.

Windows 8 and Windows 10 users are not impacted by this vulnerability. Windows 2003, Windows XP and Windows Vista all are. Below you can find the resources to fix this vulnerability.

Links to downloads for Windows 7, Windows 2008 R2, and Windows 2008

Links to downloads for Windows Vista, Windows 2003 and Windows XP 

Update 06.06.2019

The U.S. National Security Agency now also has issued a cybersecurity advisory urging users to update their systems to protect against BlueKeep. The NSA statement says this vulnerability is "critical not just for NSA's protection of National Security Systems but for all networks".

about author