Microsoft Windows users warned to critically update their computers or risk ‘WannaCry 2.0’
Up to a million ‘dangerously out of date’ Windows users could be at risk of a global attack that could be as devastating as WannaCry.
About a million Windows users could be at risk of a highly spreadable ransomware attack that experts fear could be as troubling as the 2017 WannaCry cyberattack.
Microsoft says any operating system earlier than Windows 8 is at risk, with internet security company AVG warning users to check if their operating system is ‘dangerously out of date’.
Microsoft alerted users to BlueKeep earlier this year, but has warned that more than a million computers are still vulnerable.
The vulnerability involves a common Windows protocol, which can allow hackers to remotely take over a computer without any input from the machine’s owner.
The simplicity of BlueKeep means it can potentially hit thousands of computers.
Microsoft lists BlueKeep as a 9.8 out of 10 in threat severity, prompting its director of security to compare it to WannaCry.
In 2017, WannaCry hit Windows computers globally and resulted in more than 300,000 being infected with the ransomware worm.
That cybervirus spread rapidly to the point where the UK National Health Service and European telecommunications and automotive services were affected.
They warn the pre-2008 Windows software vulnerability in the Remote Desktop Protocol (RDP) could result in a major global ransomware attack.
Microsoft says BlueKeep is able to ‘worm’ its way into computer systems with no owner interaction at all.
“With potentially millions of networks vulnerable, we’re now notifying smaller entities and owners and operators of businesses around Australia, of the need to patch your systems as soon as possible,” ACSC warned last month, adding BlueKeep has the potential for “significant, widespread harm around the world.”
The BlueKeep vulnerability is readily available to cyber criminals who seek to exploit vulnerable systems en masse. These criminal groups are not necessarily targeting unsuspecting users; they’re simply sweeping the landscape for vulnerable, outdated systems that are easily penetrable.
HOW TO PROTECT YOURSELF
Microsoft warns up to one million computers connected directly to the internet are vulnerable to BlueKeep.
The tech company is offering fixes for vulnerable operating systems, including Windows 7, Windows Server 2008 R2 and Windows Server 2008, and for out-of-support systems including Windows 2003 and Windows XP. Windows 10 is not affected.
ACSC advises “patch, patch, patch, monitor your networks, and then patch some more.”
It advises vulnerable Windows users to deny access to Remote Desktop Protocol (RDP) directly from the internet and, if internet-based access to RDP is required, to use a VPN with multifactor authentication.
WHAT IF I IGNORE IT?
British cyber security firm Sophos released a video to show the severity of BlueKeep, stressing it can take over a computer without any authentication.
The Sophos video shows how hackers can easily get full control of a computer without needing to deploy malware.
Online security companies such as McAfee have also warned against BlueKeep in multiple blogs.
If you suspect your computer is at risk, visit Microsoft’s security portal here.
For more details on BlueKeep read the full ACSC warning here.