Computer Security New Windows "Remote Access" Vulnerability Puts 800...

New Windows "Remote Access" Vulnerability Puts 800 Million Computers at Risk

millions affected remote vulnerability windowsThe Windows operating system has proven vulnerable to cyber attacks many times in the past, yet Microsoft is trying to face the threats and to provide patches for any emerging vulnerability in its platform. Since the beginning of 2019, several flaws in Windows have been discovered by researchers, and even though the company has managed to fix them before they could be exploited by hackers, we certainly cannot say that Windows devices are completely protected against cyber-attacks. 

A critical new vulnerability has now been reported which could potentially provide attackers with remote access to any computer. What is worse - this new flaw has been described as "wormable", which means it could spread across computers and networks without any user input. In that regard, Microsoft has released an emergency security patch, and it urges Windows users to make sure they have installed this latest security update in order to prevent their computers from being hijacked by malware authors.

Researchers who have detected the new flaw that affects all versions of the Windows operating system have called it BlueKeep II as it is very similar to some previously discovered vulnerabilities. This new cybersecurity bug takes advantage of Windows' Remote Desktop Services whose purpose is to allow users to access their computer over the Internet with the help of special software tools. Yet, this legitimate service is vulnerable to attacks, and when hackers exploit this vulnerability, they can acquire remote access to a computer without the user's knowledge and consent. Once the attackers have gained such access, they can install other software, make crucial changes to the system, create new user accounts with administrative privileges, and perform many other potentially harmful actions. In addition to that, the new BlueKeep II vulnerability is "wormable", just like its precursors, which means that any exploits can reproduce themselves and spread over to other computers without the need for any human interaction.

Though BlueKeep II resembles strongly the previous BlueKeep vulnerabilities found earlier this year, it requires a separate fix as it has not been covered by the patches that Microsoft has already released. As part of the discovery announcement, the company now launched several additional patches directed at this specific issue, therefore, all Windows users are advised to download the latest updates to prevent any malware pandemics. Furthermore, as this issue is defined as "elevated risk", updating should be done urgently. Microsoft has also provided links to the patch, while the next automatic updates would also include the necessary fixes.

Loading...