In May 2019, Microsoft released a security patch for one of its widely used operating systems, Windows XP. Released in 2001, the version was said to be vulnerable to attack, which is why the patch was issued, after many years, in May 2019. The US government, the National Security Agency (NSA) and Microsoft warned XP users to keep their systems updated with the issued patch.
The warning signalled that something was putting the software giant at risk. That something was a wormable vulnerability. According to the warning given by security experts, this vulnerability, named BlueKeep, was said to be similar to the ‘WannaCry’ ransomware of 2017. According to the experts, unpatched versions of Windows XP, Windows 7, Windows Vista, Windows Server 2008, Windows Server 2008 R2 and Windows Server 2003 contain the BlueKeep vulnerability and are therefore at risk, now that ongoing exploit attacks using BlueKeep have finally been confirmed.
Previously, Microsoft had warned users twice about the security updates in May 2019. The warnings went out first on 14 May and then, with more urgency, on 30 May. Despite this, the warnings appear to have been ignored on a large scale, which led the NSA to escalate the update alerts.
According to Kevin Beaumont, a security researcher, and Marcus Hutchins, a malware developer and security researcher, BlueKeep attacks are confirmed to be under way. The attackers are currently searching for RDP port 3389 (Remote Desktop Services) open on unpatched Windows systems. Currently, the researchers think that the attacks are intended to install cryptocurrency miners and payloads. Cryptocurrency miners are known resource hogs and can pave the way for further malware installations. It therefore cannot be ignored that the attackers could also drop malicious payloads beyond miners. For now, this incident serves as a warning to those who haven’t updated their systems with the security patch.