Microsoft warns about the BlueKeep vulnerability in older versions of Windows




If the idea of running Windows XP in 2019 makes you laugh, I urge you to maintain this blissful naivety. Just leave now.

Are they gone? Ok, so, Windows XP, Vista and the rest of these old and unsupported operating systems are still extremely real – and they are everywhere.

The old software is still active in important places, such as the US Department of Defense and the country's critical infrastructure. For those who still use older Windows machines, Microsoft has a serious message: update as soon as possible.

Microsoft warns that a newly patched vulnerability called BlueKeep could have consequences as serious as WannaCry, the 2017 ransomware worm allegedly developed by North Korea and said to have infected hundreds of thousands of computers.

This is Simon Pope from Microsoft:

BlueKeep and WannaCry are similar in that they constitute vulnerabilities in remote desktop services. They allow an attacker to execute code remotely on a target computer. The BlueKeep vulnerability, rated at a severity of 9.8 out of 10, is so severe that Windows has taken the rare step of issuing fixes for older and normally unsupported versions of Windows, including XP, 2003, and Vista. BlueKeep does not affect Windows 8 and 10, but millions of old Windows machines are still being used by countless businesses and individuals around the world, sometimes including in critical infrastructure.

The company fears that the BlueKeep vulnerability is "wormable," which means that malware exploiting it "could spread from a vulnerable computer to a vulnerable computer," according to an article posted on the Microsoft blog Thursday.

"Microsoft is convinced that there is an exploit for this vulnerability and, while recent reports are accurate, nearly a million computers connected directly to the Internet are still vulnerable to CVE-2019-0708. Many more in corporate networks may also be vulnerable," wrote Simon Pope of Microsoft.

Exploits exist. McAfee, a cybersecurity company, said its researchers had developed an exploit for the flaw. Zerodium, a company that sells exploits, also "confirmed the exploitability" of the flaw.

"It only takes one vulnerable computer connected to the Internet to create a gateway to these corporate networks, where advanced malware could spread and infect corporate computers," writes Microsoft's Pope. "This scenario could be even worse for those who have not kept their internal systems up to date with the latest patches, as any future malware could also attempt to exploit more vulnerabilities that have already been fixed."

It's been two weeks since the BlueKeep patch was released. The fix for MS17-010 had been available for two months before the WannaCry malware exploited that vulnerability and spread around the world. The fact that the last two weeks have been calm is no guarantee for the future.

For organizations and giant companies, the reality is rarely as simple as "patch immediately." Critical computers may be deemed too important for downtime. Or maybe there is not enough money and resources to maintain a smart patch schedule. If so, administrators must disable RDS (and should consider doing so anyway, unless it is necessary for you).

The reasons for slow updates are endless, and that means that even several weeks after a fix, over a million machines may remain vulnerable to critical vulnerabilities. This is why hackers rarely have to find their own vulnerabilities and create their own exploits: there are almost always countless outdated computers that can be targeted through old vulnerabilities that leave the door open to attackers.

Zero-day vulnerabilities make the headlines, but the real damage usually happens on day one and long afterward.
