Skip to main content

DejaBlue: New BlueKeep-Style Bugs Mean You Need to Update Windows Now

posted onAugust 11, 2019
by l33tdawg
Wired
Credit: Wired

For months, systems administrators have been racing to patch their Windows systems against BlueKeep, a critical vulnerability in Microsoft's Remote Desktop Protocol that could enable a global, internet-chewing worm if not fixed across hundreds of thousands of vulnerable computers. That worm has yet to arrive. But now, Microsoft has reset the clock in that race, revealing a collection of new RDP vulnerabilities, two of which could also result in the same sort of global worm—and this time in newer versions of Windows.

Microsoft today warned Windows users of seven new vulnerabilities in Windows that, like BlueKeep, can be exploited via RDP, a tool that lets administrators connect to other computers in a network. Of those seven bugs, Microsoft's advisory emphasized that two are particularly serious; like BlueKeep, they could be used to code an automated worm that jumps from machine to machine, potentially infecting millions of computers. As Microsoft's Security Response Center Director of Incident Response Simon Pope writes, "any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction."

Source

Tags

Security

You May Also Like

Recent News

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th

Thursday, June 6th