The vulnerability is severe enough that Microsoft took a pretty unusual step in releasing updates for Windows XP and Server 2003 in addition to currently supported versions of Windows that are affected.
Unlike WannaCry, this threat is seen as extremely easy to exploit. It took a leaked NSA tool to exploit the WannaCry vulnerability, whereas the fear with BlueKeep is that it will be much easier to take advantage of. And, with a patch now available you can bet there are cyber adversaries who are reverse engineering the patch as you read this, getting ready to exploit organizations and individuals alike.
If you remember the WannaCry attack, Microsoft had issued a patch months before, but some companies hadn’t installed the fix. This led to a global impact. In order to avoid a potential repeat, it’s critical for everyone to update all affected systems as quickly as possible.
With the latest versions of MS SCCM not supporting Windows XP and Server 2003, the job is going to be more difficult. But it doesn’t necessarily mean that you must perform your patching manually. You can patch up to 50 systems including Windows XP and Server 2003 by accessing this free 60-day license to Ivanti Security Controls here.
Don’t risk the exposure, or cost, of a BlueKeep attack. If you act fast by applying the necessary patches, you’ll avoid exposure and retain your peace of mind.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.