News

BlueKeep Attack Warnings Didn’t Affect Users

Researchers from the SANS Institute (USA) over the past few months have been monitoring the situation with the use of patches that fix the BlueKeep vulnerability in Windows, and with the use fof Shodan recorded the number of vulnerable computers connected to the Network. Experts concluded that the massive warnings about BlueKeep attacks did not affect the desire of users to apply patches.

Recall that over the past week there have been reports of signs of exploitation of BlueKeep in real attacks. Attackers tried to infect computers with cryptocurrency mining malware. As a result, Microsoft once again called on users to install patches that eliminate the vulnerability, which the company released back in May of this year.

“After a news of “mass exploitation” of a specific vulnerability hits mainstream media, even organizations that don’t have a formal (or any) patch management process in place usually start to smell the ashes and try to quickly apply the relevant patches. Since media coverage of the recent BlueKeep campaign was quite extensive, I wondered whether the number of vulnerable machines would start diminishing significantly as a result”, — writes Jan Kopriva, SANS researcher.

Nevertheless, as it turned out, administrators are in no hurry to follow the company’s recommendations. According to the researchers, since May the level of “patched” systems has been steadily declining.

Administrators are in no hurry to follow the Microsoft’s recommendations

“As we may see, the percentage of vulnerable systems seems to be falling more or less steadily for the last couple of months and it appears that media coverage of the recent campaign didn’t do much to help it”, — noted researchers.

Nevertheless, the threat of BlueKeep is still relevant, the researchers emphasize. Despite the decline in the number of unpatched machines, there are a fairly large number of vulnerable systems that can become an attractive target for attackers.

Read also: Facebook reports another data leak

Researchers note that even given the presence of hundreds of thousands of vulnerable systems, we can only hope that the worm that everyone is waiting for will not appear in the near future.

The vulnerability of BlueKeep (CVE-2019-0708) was first reported in May of this year. It does not require authorization or any interaction with the user. In other words, it is “worm-like,” so it allows malware to spread from computer to computer, just like the WannaCry malware have spread around the world in 2017.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
James Brown

Technology news writer and part-time security researcher. Author of how-to articles related to Windows computer issue solving.

Recent Posts

Remove News-bpudepi.today pop-up ads (Virus Removal Guide)

News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…

15 hours ago

Remove Doguhtam.xyz pop-up ads (Virus Removal Guide)

Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…

15 hours ago

Remove News-xlixoti pop-up ads (Virus Removal Guide)

News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…

15 hours ago

Remove Ducesousightion pop-up ads (Virus Removal Guide)

Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…

15 hours ago

Remove News-xlabica.live pop-up ads (Virus Removal Guide)

News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…

15 hours ago

Remove Mergechain.co.in pop-up ads (Virus Removal Guide)

Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…

15 hours ago