News

BlueKeep Attack Warnings Didn’t Affect Users

Photo of James Brown James BrownNovember 13, 2019
0 94 2 minutes read

Researchers from the SANS Institute (USA) over the past few months have been monitoring the situation with the use of patches that fix the BlueKeep vulnerability in Windows, and with the use fof Shodan recorded the number of vulnerable computers connected to the Network. Experts concluded that the massive warnings about BlueKeep attacks did not affect the desire of users to apply patches.

Recall that over the past week there have been reports of signs of exploitation of BlueKeep in real attacks. Attackers tried to infect computers with cryptocurrency mining malware. As a result, Microsoft once again called on users to install patches that eliminate the vulnerability, which the company released back in May of this year.

“After a news of “mass exploitation” of a specific vulnerability hits mainstream media, even organizations that don’t have a formal (or any) patch management process in place usually start to smell the ashes and try to quickly apply the relevant patches. Since media coverage of the recent BlueKeep campaign was quite extensive, I wondered whether the number of vulnerable machines would start diminishing significantly as a result”, — writes Jan Kopriva, SANS researcher.

Nevertheless, as it turned out, administrators are in no hurry to follow the company’s recommendations. According to the researchers, since May the level of “patched” systems has been steadily declining.

Administrators are in no hurry to follow the Microsoft's recommendations
Administrators are in no hurry to follow the Microsoft’s recommendations

“As we may see, the percentage of vulnerable systems seems to be falling more or less steadily for the last couple of months and it appears that media coverage of the recent campaign didn’t do much to help it”, — noted researchers.

Nevertheless, the threat of BlueKeep is still relevant, the researchers emphasize. Despite the decline in the number of unpatched machines, there are a fairly large number of vulnerable systems that can become an attractive target for attackers.

Read also: Facebook reports another data leak

Researchers note that even given the presence of hundreds of thousands of vulnerable systems, we can only hope that the worm that everyone is waiting for will not appear in the near future.

The vulnerability of BlueKeep (CVE-2019-0708) was first reported in May of this year. It does not require authorization or any interaction with the user. In other words, it is “worm-like,” so it allows malware to spread from computer to computer, just like the WannaCry malware have spread around the world in 2017.
Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Tags
Photo of James Brown James BrownNovember 13, 2019
0 94 2 minutes read
Photo of James Brown

James Brown

Technology news writer and part-time security researcher. Author of how-to articles related to Windows computer issue solving.

Related Articles

Apple and NSO Group spyware

Apple patches vulnerability exploited by NSO Group spyware

September 15, 2021
Russian hacker arrested in India

India arrests Russian hacker who offered applicants help in passing the JEE-Main exam

October 7, 2022
fin7

Criminal FIN7/Carbanak empire strike back

May 13, 2019
new API for Edge extensions

Edge is moving to a new extension API, but ad blockers will continue to work

October 15, 2020

Leave a Reply

Your email address will not be published. Required fields are marked *

Sending

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© Copyright 2024, All Rights Reserved  | Adware.Guru;
Back to top button