Update Your Windows Operating System, ASAP!

The Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security, is warning users and administrators of Windows operating systems to update their machines and install the latest patch as soon as possible.

> The Effort

The effort aims to prevent both companies and individual users from falling victim to a new vulnerability officially named CVE-2019-0708 and known in the cybersecurity world as BlueKeep.

According to Microsoft, this vulnerability allows a malicious attacker to exploit the Remote Desktop Protocol (RDP) to perform remote code execution on an unprotected system. In plain English, that means the following:

> In Plain English 

Without the user’s knowledge or interaction, without you clicking on anything, a hacker can send your computer some code that opens doors for them to completely control your machine. They could install programs, create new users with administrative rights, delete or copy your information… you name it!

When someone gains that kind of access into a machine, there is theoretically nothing they cannot do.

> How Dangerous Is It

The vulnerability is so dangerous that Microsoft released patches for operating systems it no longer supports, such as Windows XP. That rarely happens: the last time a patch for an unsupported system was released was back in 2017, in an effort to protect against the infamous WannaCry crypto virus.

Microsoft believes BlueKeep has worm capabilities, which means it can propagate itself from one infected computer to another. So, an infected machine running XP can very well infect another machine running Windows 10, hence the “extended” support for these obsolete operating systems.

> The OSes vulnerable to BlueKeep are:

• Windows 2000
• Windows Vista
• Windows XP
• Windows 7
• Windows Server 2003
• Windows Server 2003 R2
• Windows Server 2008
• Windows Server 2008 R2

> Protect yourself

Digital Integrated Systems encourages you to review the Microsoft Security Advisory for CVE-2019-0708 and apply the recommended measures as appropriate to your setup and type of network.

• Above all, you need to download and install the latest updates available.
• Upgrade End of Life (EOL) operating systems like Windows XP to newer and supported operating systems such as Windows 10.

• Disable unnecessary services not used by the operating system. This best practice limits your exposure to existing vulnerabilities.

• Enable Network Level Authentication (NLA) in Windows 7, Windows Server 2008 and Windows Server 2008 R2. This forces the session request to be authenticated, which automatically mitigates against BlueKeep since it needs the first packets to be sent through an unauthenticated connection.

• There is some advice going around the internet for enterprises to block port 3389 on their perimeter firewall, since it is used to initiate RDP sessions. Unfortunately, this measure cannot protect you from unauthenticated sessions being initiated internally (traffic from an infected machine connected to the local network will not even go through the firewall), and if Microsoft knows what they are talking about, this vulnerability has worm capabilities! So, it will transfer itself from any infected computer to any other on the same network.

Also, this measure will block legitimate RDP sessions that you may need to maintain for daily operations, depending on the nature of your business.
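The Remote Desktop and Network Level Authentication settings from the list above can be checked on each machine with a short read-only script. This is an added example, not from the Microsoft advisory; the function name `Get-RdpExposure` and the wording of the findings are illustrative, and it assumes an elevated PowerShell prompt on the machine being checked.

```powershell
# Added example: report the local RDP settings relevant to BlueKeep.
# Read-only. Uses New-Object so it also runs on PowerShell 2.0 (Windows 7).
$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpKey = Join-Path $tsKey 'WinStations\RDP-Tcp'
$polKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

function Get-RdpExposure {
    $ts  = Get-ItemProperty -Path $tsKey  -ErrorAction Stop
    $rdp = Get-ItemProperty -Path $rdpKey -ErrorAction Stop

    # fDenyTSConnections: 1 = Remote Desktop off, 0 = Remote Desktop on
    $rdpEnabled  = ($ts.fDenyTSConnections -eq 0)
    # UserAuthentication: 1 = NLA required, 0 = NLA not required
    $nlaRequired = ($rdp.UserAuthentication -eq 1)

    # Group Policy values, when present, override the local settings.
    $pol = Get-ItemProperty -Path $polKey -ErrorAction SilentlyContinue
    if ($pol) {
        if ($null -ne $pol.fDenyTSConnections) {
            $rdpEnabled = ($pol.fDenyTSConnections -eq 0)
        }
        if ($null -ne $pol.UserAuthentication) {
            $nlaRequired = ($pol.UserAuthentication -eq 1)
        }
    }

    if (-not $rdpEnabled) {
        $finding = 'Remote Desktop is off: not reachable over RDP.'
    } elseif (-not $nlaRequired) {
        $finding = 'Remote Desktop is on WITHOUT NLA: enable NLA or turn RDP off.'
    } else {
        $finding = 'Remote Desktop is on with NLA: mitigated, still install the update.'
    }

    New-Object PSObject -Property @{
        Computer    = $env:COMPUTERNAME
        RdpEnabled  = $rdpEnabled
        NlaRequired = $nlaRequired
        Port        = $rdp.PortNumber   # 3389 unless the listener was moved
        Finding     = $finding
    }
}

Get-RdpExposure | Format-List Computer, RdpEnabled, NlaRequired, Port, Finding

# To require NLA locally (a change, so deliberately left commented out):
# Set-ItemProperty -Path $rdpKey -Name UserAuthentication -Value 1
```

A machine that reports Remote Desktop on without NLA is the case the NLA bullet is meant to close; none of these settings replaces installing the update.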

If you have any further questions, do not hesitate to contact us by phone or via our social media, and follow our regular posts and advice on how to remain safe out there on the internet!

Protect Yourself, Never click under the influence!

