ESET security company warns companies in particular vulnerability called BlueKeep, which might lead to mass attack similar to the infamous encryption ransomware, WannaCry.
BlueKeep is a security vulnerability that was discovered in Microsoft’s Remote Desktop Protocol, which allows for the possibility of remote code execution.
First reported in May 2019 by the UK National Cyber Security Centre, it is present in all Windows NT-based versions of Microsoft Windows from Windows 2000 through Windows Server 2008 R2 and Windows 7. Microsoft issued a security patch (including an out-of-band update for several end-of-life versions of Windows, such as Windows XP, Windows Server 2003) on 14 May 2019.
Here are a few steps you need to follow to protect your devices from BlueKeep vulnerability:
1. Update your Windows operating system:
Windows 7, Windows Server 2008 R2, and Windows Server 2008 with automatic updates enabled. However in case you are using older versions such as Windows XP or Windows server 2003 you can find the security update on this page.
2. Disable Remote Desktop Protocol:
While installing the security update its important to disable Remote Desktop Protocol (RDP) in your computer, after the update you can enable it if you require.
3. Check your RDP configuration:
It’s important to set proper RDP configuration to stay secure, for example you can set only devices on the local network or connected via VPN should be able to connect remotely or whitelist only specific IP addresses who are allowed to connect.
4. Use the latest version of your security solution:
If you are not using a security solution it is very important to start using one to stay secured, if you are already using security solution make sure it’s updated to latest version, because the old version might not detect new vulnerabilities. The best security solution out there is from ESET’s security company which provides Ransomware Shield and Network Attack Protection.
Final Thoughts:
This BlueKeep vulnerability is similar to encryption ransomware WannaCry which in 2017 infected more than 2000 computer and demanded ransom to unlock it. Coming to BlueKeep vulnerability, good news is that so far there is no evidence that the attackers are really using the vulnerability. But this is probably only a matter of time.
If you are using the latest version of Windows OS you do not need to sweat, in case if you are using the older versions you need to follow the steps mentioned above to stay secured, also most important thing is to have latest version of security solution. The best out there is from ESET security company which provides Ransomware Shield and Network Attack Protection, which has been successfully protecting against vulnerability that has spreaded WannaCry or NotPetya ransomware worldwide.