Windows BlueKeep: NSA warns people of major Microsoft hacking vulnerability in rare advisory

'An event on a scale similar to that of WannaCry is not off the table,' one expert warns

Anthony Cuthbertson
Friday 07 June 2019 06:01 EDT
Comments
Staff at Microsoft Research Asia worked with researchers at a Chinese university
Staff at Microsoft Research Asia worked with researchers at a Chinese university (Getty)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The US National Security Agency (NSA) has issued a rare security advisory over a major security vulnerability affecting Microsoft Windows users.

The malware known as BlueKeep leaves older versions of Windows exposed to cyber attacks, and both Microsoft and the NSA urged users of Windows 7, Windows XP and Server 2003 and 2008 to update their systems immediately.

Microsoft warned that nearly one million computers connected to the internet are currently vulnerable to the BlueKeep "worm", with many more within corporate networks also likely at risk.

"It only takes one vulnerable computer connected to the internet to provide a potential gateway into these corporate networks, where advanced malware could spread, infecting computers across the enterprise," Microsoft wrote in a security notice to customers.

The technology giant compared the risks to those of the WannaCry virus, which infected hundreds of thousands of computers around the world in 2017 and caused billions of dollars worth of damage.

The NSA said there had been no signs of the BlueKeep virus in the wild, but it was likely only a matter of time until cyber criminals take advantage of it.

"It is likely only a matter of time before remote exploitation code is widely available for this vulnerability," the intelligence agency wrote in its advisory.

"NSA is concerned that malicious cyber actors will us the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems."

Cyber security experts noted that the NSA's advisory highlighted the severity of the risks posed by the BlueKeep bug, and reinforced the WannaCry comparisons.

The impact of the 2017 virus went way beyond the financial damage that it caused, with several high-profile organisations locked out of their computer systems for weeks or even months.

One of the hardest hit was the NHS, which caused disruption for thousands of patients and forced some hospitals and health services to turn away non-critical emergencies.

"It was reported that the bug had left almost one million devices vulnerable, even two weeks after a patch was released," Leigh-Anne Galloway, cyber security resilience lead at Positive Technologies, told The Independent.

"With this kind of number, and criminals constantly fine-tuning their hacking methods, an event on a scale similar to that of WannaCry is not off the table."

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in