With May's Patch Tuesday, Microsoft patched a critical "WannaCry-level" vulnerability along with other foray of security updates. This vulnerability is so critical that Microsoft actually released patches for Windows XP which they stopped supporting long back. This vulnerability is said to affect more than 450 million computers worldwide.
BlueKeep (CVE-2019-0708) is a vulnerability in the Remote Desktop Protocol (RDP) that can affect the Windows Vista, Windows 7, Windows XP, Server 2003 and Server 2008 operating systems.This BlueKeep vulnerability present in the Remote Desktop Services component is pre-authentication and requires no user interaction. This is an RCE vulnerability that can be exploited remotely by sending specially crafted requests over Remote Desktop Protocol (RDP) to a targeted system.
Remote Desktop Protocol(RDP) is a protocol that enables Remote Desktop Connection to communicate with Microsoft Terminal Services. It allows system administrators to remotely diagnose and resolve problems encountered. Millions of computer networks around the world have RDP exposed to the outside world so that they can be managed not only via their local network but also across the internet. But exposing RDP over to the internet has its flipside.
According to Microsoft, an attacker could exploit the BlueKeep RDP vulnerability by sending specially crafted malware packets to unpatched Windows machines that have RDP exposed. After successfully sending the packets, the attacker would then have the ability to perform a number of actions, including adding new user accounts, installing malicious programming and making changes to data.
WannaCry - The one name that made IT admins around the world tremble. The one name that showed what a real cyber warfare will be like - inflicting losses of more than $4 billion and leaving thousands of organizations stranded.
Well, security researchers fear that the BlueKeep RDS vulnerability (CVE-2019-0708)could be the next WannaCry as the vulnerability is wormable, meaning that any future malware that exploits this vulnerability could propagate from one vulnerable computer to another in a similar way WannaCry did in 2017.
Microsoft has patched the remote desktop services vulnerability with this month's Patch Tuesday. So, if your computer runs older Windows OSs like Windows XP or Windows 2003, follow the patch installation guide from Microsoft to deploy the BlueKeep patches.
But if you have more than ten computers, manually installing the BlueKeep patches can be time-consuming and tiring. Download a free trial of ManageEngine Patch Manager Plus to automate the patching process in your enterprise.
With features to automate patch management, test and approve patches, decline patches, and more, you can install the latest patches seamlessly to your endpoints as soon as they're available. Patch Manager Plus supports patching for all the major OSs like Windows, Mac, and Linux as well as patching for more than 500 third-party applications. This way, you'll never miss a patch for any of your applications.