One Million Devices Open to Microsoft BlueKeep Flaw
Researchers have discovered one million internet connected devices that are vulnerable to a Microsoft flaw, which could open the door to a cyberattack. The flaw (CVE-2019-0708) was fixed during Microsoft’s May Patch Tuesday Security Bulletin earlier this month. System administrators were urged to immediately deploy fixes as the flaw could pave the way for a similar attack on the scale of WannaCry. Making matters worse, a spike in scans for vulnerable systems was spotted over the weekend – potentially indicating that bad actors are looking to sniff out the activity. The critical remote code-execution flaw exists in Remote Desktop Services and impacts older version of Windows, including Windows 7, Windows XP, Server 2003 and Server 2008 (Microsoft deployed patches to Windows XP and Windows 2003 for the bug during Patch Tuesday, neither of which is still supported via monthly Patch Tuesday updates). While Microsoft urged administrators to update impacted Windows…