Trying to keep up-to-date on how to stay safe from cyber criminals these days can be nearly impossible. Most have no idea how or where to even begin.
There are plenty of security measures to consider, but a good place to start would be to run the suggested updates on your computers and mobile devices. I know it’s tempting to push the “Maybe Later” button when they pop up, but these updates are for your own safety. Sometimes they add software features, but many times, they’re fixing bugs and plugging security holes.
Installing these updates when they come out can help avoid major security problems, such as the one Microsoft is doing its best to fix right now.
A Current Microsoft Vulnerability
A vulnerability known as “BlueKeep” has been discovered in Microsoft’s Remote Desktop Services. Hackers can take advantage of this security hole remotely and can run code on your computer without your knowledge or consent.
This means the hacker doesn’t need you to accidentally click on one of their pop-ups or any of their other tricks. Once they get into your system, they can get to your files, install programs, access different user accounts – basically, do whatever they want.
Have any banking or financial information on your computer? Client information? Yup, they’d have access to all of it if they got in through this security hole!
Protecting Yourself from BlueKeep
The good news is that if you’re using a Windows 8 or 10 machine, you’re good. This threat doesn’t affect those systems.
And if you’re diligent about installing updates, or “patches” as they’re often referred to, on supported systems, you should be good to go. Microsoft released patches for Windows 7 and Server 2008 in their most recent Patch Tuesday.
Microsoft has also issued patches for Windows XP, Vista, and Server 2003, which is uncommon since those systems have been out-of-support for several years. You’ll have to download and install them yourself though – they won’t be sent automatically.
What If I Don’t (or Can’t) Patch?
Microsoft strongly suggests patching vulnerable systems, but they have offered a few mitigations and workarounds that could help keep you safe in the meantime.
- Disable Remote Desktop Services if they are not required.
- Enable Network Level Authentication (NLA) on systems running supported editions of Windows 7, Windows Server 2008, and Windows Server 2008 R2.
- Block TCP port 3389 at the enterprise perimeter firewall.
Source: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
If you need help keeping your business safe from this threat or others, feel free to reach out to us any time.