A vulnerability so critical, that even the NSA has issued an advisory warning! Last month, Microsoft sent out two separate messages explaining that there is a vulnerability in old Windows machines known as BlueKeep. BlueKeep is a vulnerability present in the Remote Desktop Services feature in Windows 7, Windows Vista, and Windows XP along with Windows Server 2003 and 2008 systems. There is a bug in this feature which can be exploited to take control of a Windows machine, all without requiring a password.
The NSA rarely comments on security vulnerabilities and, in general, they prefer to linger in the shadows – that’s what makes their involvement so terrifying. Imagine this: you are sitting at your desk working away on a proposal for that big prospect, when suddenly, your computer stops responding and your cursor begins moving across the page – seemingly on its own. You’ve done nothing wrong, and yet, a cyber criminal now has control of your machine.
The best-case here is that they are doing this simply to cause you grief. They might mess around for a few minutes, close some windows, and possibly even cause your computer to crash. And that’s the BEST outcome. In the worst-case scenario, the hacker might install a piece of spyware in the background to monitor the activity on your computer, or your network, OR, even worse, they could be installing Ransomware – leaving your sensitive information hostage until you pay up.
Microsoft issued a security patch some time ago, unfortunately, there are still a number of Window’s machines that haven’t been patched and are susceptible to this threat. Once the machine is compromised, the hacker has full rights to view, change and delete your confidential data. That means a cyber criminal can easily install programs, create new accounts, and in general wreak havoc on your computer.
To stay secure, you must disable the Remote Desktop Service feature on your computer and ensure that your systems are always patched. One of the best ways to ensure your computer are always patched is to implement a Remote Monitoring & Management (RMM) solution like the one Connectability uses (Kaseya’s VSA). This will ensure that you are fully patched and protected. One final note: BlueKeep does not affect the latest versions of Microsoft’s operating systems – Windows 10, Windows 8.1, Windows 8, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, or Windows Server 2012. So if you can, you should upgrade to the latest operating system. This will go a long way towards protecting your business from vulnerabilities.
Call us now at (416) 966-3306 to determine if your computer systems are patched, and to prevent a hacker from gaining access to your confidential information.