Over 800,000 Systems Still Vulnerable to BlueKeep Attacks

Users and organizations continue to patch the Windows vulnerability tracked as BlueKeep and CVE-2019-0708, but over 800,000 systems are still exposed to attacks.


BitSight reported on Wednesday that its latest scan, conducted on July 2, showed over 805,000 devices vulnerable to BlueKeep attacks, 167,000 fewer than it had identified on May 31.


“Assuming a simplistic average this represents an average decrease of 5,224 exposed vulnerable systems per day. By consistently observing individual vulnerable systems that remain exposed to the Internet and then identifying when they’re patched, we can calculate that at minimum an average of 854 vulnerable systems per day are patched. The difference between these two estimates may represent systems which no longer expose the service to the Internet today, or those that are changing IP addresses frequently,” BitSight said.


Errata Security’s Robert Graham, who also conducted a scan in late May and discovered more than 923,000 vulnerable systems, on Wednesday reported seeing roughly 730,000 machines. However, Graham admitted that BitSight’s results are likely more “reliable” than his.


According to BitSight, the telecommunications industry is by far the most affected, with over 30% of companies having exposed vulnerable devices. This sector is followed at a distance by education (6%) and technology (5%). At the other end of the chart we have the legal, insurance and finance sectors. It’s worth noting, however, that at least some progress has been observed across all industries.


“Telecommunications and Education often provide transit services and thus many of the issues affecting those industries are on systems of their customers. Residen ..