Microsoft, almost 1 million PC and Windows servers still vulnerable to BlueKeep

In recent weeks, Microsoft has revealed a ” wormable ” vulnerability that could have led to a new WannaCry, spreading from a vulnerable computer to a vulnerable computer with the power to reach a vast user base. Although Microsoft has already released security patches for supported systems and exceptionally for Windows XP and older Server versions, many systems seem to be vulnerable.

Simon Pope of the Microsoft Security Response Center has also published a reminder: ” Microsoft is confident that an exploit exists for this vulnerability, ” said the company manager. ” Only two weeks have passed since the release of the fix and there is still no trace of a worm. This does not mean, however, that we are out of trouble. ” In his message, Pope points out that WannaCry had spread two months after the release of the patches of the EternalBlue exploit and, despite the long period of time elapsed, many systems still remained vulnerable.

EternalBlue had been released publicly, allowing potential attackers to easily create malware that exploited the flaw. The new exploit referred to by Microsoft, BlueKeep, is not yet available to the public, so the release of malware capable of exploiting it is less likely. But it is not impossible, Pope stresses: ” It is possible that we will not see the vulnerability embedded in a malware, but better not to bet on this kind of thing “.

BlueKeep involves a vulnerability in Remote Desktop Services on Windows XP, Windows 7 and server versions of Microsoft’s operating system, such as Windows Server 2003, Windows Server 2008 R2 and Windows Server 2008. Although they are not very recent operating systems, these are still releases widely used throughout the world, especially in some business contexts. Microsoft has strongly recommended that system administrators update all sensitive computers as quickly as possible.