Homeland Security Joins NSA In Urging Windows Users To Patch BlueKeep Worm Vulnerability ASAP

Earlier this month, the National Security Agency (NSA) issued a warning to Windows users -- especially businesses running older versions of Windows -- to patch their systems against the BlueKeep wormable exploit. At the time, the NSA wrote, "NSA is concerned that malicious cyber actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems."

Now the Cybersecurity and Infrastructure Security Agency (CISA) -- the cybersecurity wing of the Department of Homeland Security -- is issuing its own warning about BlueKeep and the danger it poses to unpatched Windows systems. As we've previously reported, BlueKeep takes advantage of a vulnerability in the Remote Desktop Protocol (RDP) that allows an attacker to send malformed packets to a system to perform remote code execution.

According to CISA, it worked with outside partners to demonstrate that it's possible to run remote code on Windows 2000 systems with BlueKeep. However, considering that Windows 2000 is two decades old at this point, it shouldn't be too surprising that internet-facing machines running this OS would be susceptible to such a wormable exploit. Operating systems of similar vintage, including Windows XP, are also vulnerable without a patch (which you can download directly from Microsoft).

Because the exploit is wormable, an attacker needs access to only one system on a network; from there, the infection can propagate quickly to other PCs throughout the network.

"CISA encourages users and administrators review the Microsoft Security Advisory and the Microsoft Customer Guidance for CVE-2019-0708 and apply the appropriate mitigation measures as soon as possible," CISA writes in its alert.

Although Microsoft hasn't released patches for Windows 2000 given its age, it has done so for Windows Vista, Windows XP, and Windows Server 2003. If you're still running Windows 2000, now might be a time to seek newer alternatives (a la Windows 10).

Brandon Hill
