For months, systems administrators have been racing to patch their Windows systems against BlueKeep, a critical vulnerability in Microsoft's Remote Desktop Protocol that could enable a global, internet-chewing worm if not fixed across hundreds of thousands of vulnerable computers. That worm has yet to arrive. But now, Microsoft has reset the clock in that race, revealing a collection of new RDP vulnerabilities, two of which could also result in the same sort of global worm—and this time in newer versions of Windows.
Microsoft today warned Windows users of seven new vulnerabilities in Windows that, like BlueKeep, can be exploited via RDP, a tool that lets administrators connect to other computers in a network. Of those seven bugs, Microsoft's advisory emphasized that two are particularly serious; like BlueKeep, they could be used to code an automated worm that jumps from machine to machine, potentially infecting millions of computers. As Microsoft's Security Response Center Director of Incident Response Simon Pope writes, "any future malware that exploits these could propagate from vulnerable computer to vulnerable computer without user interaction."
Unlike BlueKeep, however, the new bugs—half-jokingly named 'DejaBlue' by security researchers tracking it—don't merely affect Windows 7 and earlier, as the earlier RDP vulnerability did. Instead, it affects Windows 7 and beyond, including all recent versions of the operating system.
Marcus Hutchins, a security researcher who has closely followed the RDP vulnerabilities and coded a proof-of-concept tool for exploiting BlueKeep, says that there ..
Support the originator by clicking the read the rest link below.
