What is BlueKeep and why should you care?

The new WannaCry

This new Microsoft vulnerability could become the next large cyberthreat likes 2017's WannaCry.

If you didn't already know WannaCry is a ransomeware virus that holds computers hostage until the user meets the demands. In 2017 the WannaCry software infected numerous computers running on the Microsoft operating system and displayed messages demanding users to pay $300 in bitcoin. 

Every now and then a named cybersecurty threat enters public conversation, making headlines with a unique name some of which before are WannaCry, RobbinHood and Bad Rabbit. However, this time a new name has shown up being BlueKeep. You may be wondering what it is, why it's a big deal, if it affects you and what you should/can do about it. Don't worry we're going to answer these for you.

What is BlueKeep?

Bluekeep is a software vulnerability affecting older versions of Microsoft Windows. We've already stressed enough at Direct Computers to our clients that running out of date versions of Windows is a huge security issue, especially when they come to their end of life and don't receive security updates anymore. It's risk is very significant because it attacks an operating system's Remote Desktop Protocol, which connects to another computer over a network connection. 

This would allow a cyberthreat to spread extremely quickly and across multiple devices. It was first discovered by the Uk National Cyber Security Centre in May. Microsoft have been imploring around a million users to apply a patch in blunt warnings since mid-May.

What the big deal?

Microsoft have warned that the BlueKeep vulnerability could cause a cybersecurty outbreak that could "propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017". This basically means that once the threat is introduced it can spread without any human interaction using networks and vulnerable devices. For this reason, Microsoft have said "We are taking the unusual step of providing a security update for all customers to protect Windows platforms".

It was made much more apparent of the severity of this issue when the United States 30,000 employee National Security Agency took the unuusal step of reinforcing the warnings. The Microsofts vulnerability "could spread without user interaction across the internet" the NSA warned. "We have seen devastating computer worms inflict damage on unpatched systems with wide-ranging impact, and are seeking to motivate increased protections against this flaw.”

Will this affect me?

You could be affected if you haven't updated the software in your personal computer for a long time. Microsoft states that vulnerable in-support systems include Windows 7, Windows Server 2008 R2 and Windows Server 2008. Out-of-support systems include Windows 2003 and Windows XP. 

Fortunately for customers running Windows 8 and Windows 10 are not affected by this vulnerability.

What should I do about it?

The first thing you should do is download and apply the patch, or software update that is made to counteract the vulnerability. Downloads for in-support versions of Windows can be found here.  If you have automatic updates enabled you will automatically be protected.

If you're running on a out-of-support version of Windows then the best way to address this vulnerability is to upgrade to the latest version of Windows. Even so, Microsoft says it is making fixes for this soon so keep a look out.

Need more help?

If you have any questions about the BlueKeep vulnerability or think you're infected make sure you get in contact with us ASAP.