Microsoft disclosed a vulnerability known as Bluekeep almost a year and a half ago. This exploit ties in with Windows RDP service as more than 200k Windows systems remain unpatched and still eligible to be hit by this exploit.
Back in May of 2019, it was first discovered which led to a scan that detected nearly a million systems were vulnerable to this BlueKeep attack. Which from then and now is a good number drop but still, that's a lot of machines that are still left without any protection.
This vulnerability allows attackers to take over Windows machines remotely since it's using RDP (Remote Desktop Protocol) which Microsoft believes this has been the most severe bug they had disclosed in recent years.
Yet with such a severe exploit, many systems have yet to be patched as a SANS ISC handler Jan Kopriva reported. He states that BlueKeep is not the only major remote exploitable vulnerability. As there are many more with a strong influence exposing these systems to attacks.
Apparently, Jan Kopriva says there are still millions of internet-accessible systems out there that admins have yet to patch and it leaves these systems vulnerable to remote hacks. Such systems are IIS servers, Exim email agents, OpenSSL clients, and of course WordPress sites.
Kopriva doesn't know why these systems have been left unpatched has even warnings from government and business cybersecurity firms have fallen on deaf ears. Such as two warnings from the US NSA (National Security Agency) which one was back in May and another in October. The October warning was about BlueKeep being used by Chinese state-backed hackers.
Sadly, what will happen to a lot of these systems is that they will be unpatched for years as Jan Kopriva expresses "even very well-known vulnerabilities are sometimes left unpatched for years on end...Given how dangerous and well known BlueKeep is, it rather begs the question of how many other, less well-known critical vulnerabilities are still left unpatched on a similar number of systems," (Kopriva, 2020)
It seems to be a questionable decision to not patch and update your systems but even now there are still companies and organizations running off of Windows xp and vista which have exploits and vulnerabilities that are unpatchable.
/UAT-Logo-new.jpg?width=151&name=UAT-Logo-new.jpg "UAT-Logo-new"){kind=logo}
Comment