The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in Microsoft Windows 7, Windows XP, Windows Server 2008, and some earlier operating systems. If you might be affected, read on for recommendations.
What is BlueKeep? BlueKeep is a security vulnerability in the Windows Remote Desktop Protocol (RDP). An attacker can exploit it to perform remote code execution on an unprotected system, potentially adding user accounts, viewing, changing, or deleting data, and installing programs. BlueKeep is considered "wormable," because it could propagate to other vulnerable systems.
For Ongoing Protection, Enable Windows Updates (Windows 7 and Server 2008). Microsoft released security updates to patch this vulnerability a month ago, so if you are running Windows 7 or Server 2008 and have not changed the update settings on your SpeedLine stations, the update should have been automatically installed. If your store has disabled automatic Windows updates, you should run the updater immediately (see steps below).
To check for updates (Windows 7):
Install available patches (Windows XP, 2003, or Vista). For operating systems that are no longer officially supported, including Windows Vista, Windows XP, and Windows Server 2003, Microsoft has released patches. You can download a patch for your older operating system and install it.