BlueKeep is the newest threat to Windows and it has the NSA and Homeland Security on edge. Good news, the solution is simple: Make sure your computers and servers are up-to-date.
What Is BlueKeep?
BlueKeep (aka CVE-2019-0708) is a serious security hole in Windows 2000, XP, Vista, and 7 as well as Windows Server 2003, 2008 and 2008R2. (Newer operating systems aren't affected). It allows for a potential hacker to access Microsoft's Remote Desktop software. From there, they can run malicious code on your computer or server from anywhere in the world. According to Forbes, it's only a matter of weeks until hackers start exploiting this vulnerability. Many believe this exploit could be as bad as WannaCry, the exploit that took down all the NHS hospitals in the UK.
Microsoft has already released a patch for BlueKeep for Windows 7, Server 2008, and Server 2008 R2. If you have computers or servers on these operating systems, update them ASAP! Make sure your anti-virus is up-to-date while you're at it. BlueKeep is a huge threat but the fix for it couldn't be simpler.
Normally, Microsoft would not patch anything older than Windows 7 (like Windows XP or Sever 2003). However, because of the severity of the threat, Microsoft has released a security fix for these out-of-support versions of Windows. However, these devices are still woefully unprotected from other threats. RCC strongly recommends these devices are replaced or taken off the network.
A Reminder to Those with Windows 7 and Server 2008 (and 2008 R2)
On January 14th, 2020, Microsoft will end all support for Windows 7, Server 2008 and 2008 R2. After that, Microsoft will no longer patch new threats and issues like BlueKeep. This will leave your network exposed. Remember, a hacker only needs to breach one machine in your network to get in your system.
2020 might be months away but vendors like Dell are already backlogged with orders. We only expect this to get worse as the deadline draws closer.
If you are worried about BlueKeep or need help replacing older machines, please contact RCC at (401) 272-9262.