New Security Flaw from Windows Update brings back bad memories of WannaCry Malware.
Microsoft has had massive issues with Security and System Fixes which isn’t a big surprise but the past couple of months when they do release a new update, users have been experiencing either their Windows freezing up or unexpectant restarts. Davey Winder, a contributor for Forbes Cyber Security News mentions of a new security threat that could damage computers and be costly as WannaCry was Two Years ago.
Microsoft issued the warning on their Security Response Blog, it refers to CVE-2019-0708; A Remote Code Execution Vulnerability that has become known as the BlueKeep. The Director of Incident Response for Microsoft, Simon Pope stated that he believed that Microsoft was Confident that there is an exploit existed for this vulnerability, it could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. An Internet-Scale Port Scanner determined that there were 923,671 Internet-facing Machines are vulnerable to BlueKeep on Port 3389, that was being used for Microsoft’s Remote Desktop Feature.
Check out what our Affiliate has to offer:The perfect gift for any occassion, Especially perfect for Father’s Day. The Acer Aspire AIO Desktop has an Eighth Generation Intel Core i5-8250U Processor 1.6GHz (Up to 3.4GHz), a beautiful 23 in. Full HD Monitor with Edge to Edge backlit display, 12 GB of RAM and a 1TB Hard Drive.
Does Microsoft really have confidence in a possible BlueKeep Exploit? It isn’t clear that the Company doesn’t have the intelligence that suggested that the Malware has been weaponized in that way, As David Winder mentioned before that there is a PoC (Proof of Concept) code that is available. You can already count on there being a DoS exploit available and researchers have been successful in developing wormable exploit codes.
“Windows 8 and Windows 10 users are not impacted by this vulnerability, Windows 2003, Windows XP and Windows Vista all are. Despite all of those vulnerable systems being unsupported for some years, Microsoft made the patch available to users which shows just how concerned it is by the “WannaCry 2″ threat. Windows 7 and Windows Server 2008 are also vulnerable.”Derek Winder