Microsoft Warns 1 Million Computers Are Still Vulnerable To Major Windows Security Exploit (theverge.com) 21
Earlier this month, Microsoft revealed a major Windows security vulnerability that could see a widespread "wormable" attack that spreads from one vulnerable computer to the next. "While Microsoft has released patches for Windows systems, even for older server and Windows XP machines, recent reports have revealed there are at least 1 million systems connected to the internet that can be attacked," reports The Verge.
"Microsoft is confident that an exploit exists for this vulnerability," warns Simon Pope, director of incident response at Microsoft's Security Response Center (MSRC). "It's been only two weeks since the fix was released and there has been no sign of a worm yet. This does not mean that we're out of the woods." From the report: Pope notes that it was nearly two months after the release of patches for the previous EternalBlue exploit when WannaCry attacks began, and despite having 60 days to patch systems, a lot of machines were still infected. The EternalBlue exploit was leaked publicly, allowing hackers to create malware freely. This new BlueKeep flaw hasn't yet been publicly disclosed, but that doesn't mean there won't be malware. "It is possible that we won't see this vulnerability incorporated into malware," says Pope. "But that's not the way to bet."
"Microsoft is confident that an exploit exists for this vulnerability," warns Simon Pope, director of incident response at Microsoft's Security Response Center (MSRC). "It's been only two weeks since the fix was released and there has been no sign of a worm yet. This does not mean that we're out of the woods." From the report: Pope notes that it was nearly two months after the release of patches for the previous EternalBlue exploit when WannaCry attacks began, and despite having 60 days to patch systems, a lot of machines were still infected. The EternalBlue exploit was leaked publicly, allowing hackers to create malware freely. This new BlueKeep flaw hasn't yet been publicly disclosed, but that doesn't mean there won't be malware. "It is possible that we won't see this vulnerability incorporated into malware," says Pope. "But that's not the way to bet."
we need to know (Score:1)
If Natalie's grits are vulnerable
I have seen this one.. (Score:3)
It is called "Windows Update", and it can do a real number on your system.
Re: (Score:3)
I waited for that RDP in my very old, updated Windows XP Pro. SP3 but it never showed up. I had to get it manually. Also, WU takes forever to scan! :(
Re: (Score:1)
Please, please, please (Score:1)
We've obfuscated stuff, we've hidden all the features another level down, we've damaged usability, but give us money anyway...
if MessASoft would let me upgrade mine.... (Score:2)
no, on three tries, the security upgrade won't install on my 8.1 laptop. guys, try it the old way... download, set a semaphore, reboot in safe mode and install.