Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
Editorials & Other Articles
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
NSA Warns Microsoft Windows Users: Update Now Or Face 'Devastating Damage' [View all]
Source: Forbes
Jun 7, 2019, 05:19am
NSA Warns Microsoft Windows Users: Update Now Or Face 'Devastating Damage'
Davey Winder Contributor
Cybersecurity
I report and analyse breaking cybersecurity and privacy stories
I can't recall ever seeing the U.S. National Security Agency (NSA) jumping in and warning users of Microsoft Windows to check if their systems are fully patched and, if not, to update now or risk a "devastating" and "wide-ranging impact." But that's what has just happened.
In an advisory published this week, the NSA has urged "Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing threat." That threat being BlueKeep, which has already been the focus of multiple "update now" warnings from Microsoft itself.
The NSA warning comes off the back of research that revealed just under one million internet-facing machines are still vulnerable to BlueKeep on port 3389, used by the Microsoft Remote Desktop feature, with nobody knows how many devices at risk within the internal networks beyond. The potential is certainly there for this threat, if exploited, to be on the scale of WannaCry.
It's hard to know exactly why the NSA has decided to issue this advisory now, especially as it hasn't gone through the more usual U.S.-Computer Emergency Readiness Team (CERT) channel. "I suspect that they may have classified information about actor(s) who might target critical infrastructure with this exploit," Ian Thornton-Trump, head of security at AmTrust International, told me, "that critical infrastructure is largely made up of the XP, 2K3 family." This makes sense as although Windows 8 and Windows 10 users are not impacted by this vulnerability, Windows 2003, Windows XP and Windows Vista all are.
-snip-
NSA Warns Microsoft Windows Users: Update Now Or Face 'Devastating Damage'
Davey Winder Contributor
Cybersecurity
I report and analyse breaking cybersecurity and privacy stories
I can't recall ever seeing the U.S. National Security Agency (NSA) jumping in and warning users of Microsoft Windows to check if their systems are fully patched and, if not, to update now or risk a "devastating" and "wide-ranging impact." But that's what has just happened.
In an advisory published this week, the NSA has urged "Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing threat." That threat being BlueKeep, which has already been the focus of multiple "update now" warnings from Microsoft itself.
The NSA warning comes off the back of research that revealed just under one million internet-facing machines are still vulnerable to BlueKeep on port 3389, used by the Microsoft Remote Desktop feature, with nobody knows how many devices at risk within the internal networks beyond. The potential is certainly there for this threat, if exploited, to be on the scale of WannaCry.
It's hard to know exactly why the NSA has decided to issue this advisory now, especially as it hasn't gone through the more usual U.S.-Computer Emergency Readiness Team (CERT) channel. "I suspect that they may have classified information about actor(s) who might target critical infrastructure with this exploit," Ian Thornton-Trump, head of security at AmTrust International, told me, "that critical infrastructure is largely made up of the XP, 2K3 family." This makes sense as although Windows 8 and Windows 10 users are not impacted by this vulnerability, Windows 2003, Windows XP and Windows Vista all are.
-snip-
Read more: https://www.forbes.com/sites/daveywinder/2019/06/07/nsa-warns-microsoft-windows-users-update-now-or-face-devastating-damage/
5 replies
= new reply since forum marked as read
= new reply since forum marked as read