It’s no secret, Microsoft’s Windows operating system has been a hot target for hackers over the years. Recently, a new wave of attacks called “BlueKeep” has been keeping Microsoft on its toes. And now, following a recent spike in the exploit attempts, the tech giant has finally come up with a solution to the BlueKeep problem – update your outdated Windows 7 PC.
The Redmond giant’s internal security team has posted a blog post, following the spike in BlueKeep attacks and urging users of out-of-date Windows operating systems, including Windows 7 to update to the latest OS in order to avoid falling prey to a possible attack.
The blog post reads: ” Microsoft security signals showed an increase in RDP-related crashes that are likely associated with the use of the unstable BlueKeep Metasploit module on certain sets of vulnerable machines.” The post also suggests that the attacks could not only continue to grow but also become more sophisticated and harder to identify over time, reported TechRadar.
Data gathered recently suggests that despite Microsoft’s repeated appeals, over 700,000 PC’s are still vulnerable to these attacks because they don’t have the latest security patches installed on them. Microsoft and other internet security providers have been warning users to update their systems over the past year, but users were ignoring the message thinking that the BlueKeep Metasploit was just hypothetical, but now updating their PCs seems to be the only solution out there.
Apart from warning Windows 7 users, Microsoft has also warned businesses that use the outdated Windows Server 2008, Windows Server 2008 R2, and enterprise versions of Windows 7 against the BlueKeep vulnerability and urged them to update to the latest versions.
What is BlueKeep?
BlueKeep is a serious exploit present in Windows 7’s remote desktop protocol (RDP) that allows hackers to take control of your PC. Hackers could remotely install cryptocurrency mining software onto vulnerable systems via the exploit in the RDP. Reported earlier this month by security researcher Kevin Beaumont, the attacks were linked to a coin-mining campaign that uses the same command and control servers to launch attacks on vulnerable systems.
The exploit works via a remote code execution vulnerability that is also wormable and affects Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008. The vulnerability is also pre-authenticated, meaning that it does not require any user interaction to be initiated. What’s even worse, the wormable nature also allows BlueKeep to spread from one vulnerable system to another, again without any user interaction.
Fortunately, the attacks that were reported earlier this month were not wormable. However, Microsoft has warned against the worst.
So, if you are running Windows 7 or older versions, it is highly recommended that you install the latest security patches or consider upgrading to Windows 10, and of course, install good antivirus software.