On May 14, Microsoft issued a software update patch for its Remote Desktop Protocol (RDP). These patches fixed RDP vulnerabilities in older Windows operating systems including Windows Server 2008, Windows Server 2003, Windows 7, Windows XP, and Windows Vista. A few weeks ago, the National Security Administration (NSA) put some heat on system admins to patch stating: “Microsoft Windows administrators and users [must] ensure they are using a patched and updated system in the face of growing threats”. The NSA revealed that there are around one million internet-facing machines still vulnerable to this threat, which is now being called “BlueKeep”. If the vulnerability were to be exploited, it would allow the hacker to launch a malware attack that would have the potential to spread through the network to all other vulnerable computers. This vulnerability is expected by many security experts to be wormable and weaponized quickly and in a similar vein to what happened with WannaCry in 2017, which lead to as much as 4 Billion dollars in losses.
Why is it Important?
It is very important to be aware of what systems in your business need to be updated or replaced. It is important to regularly run scans to determine where vulnerabilities are, however, the underlying issue here is that many businesses have old equipment that they believe works perfectly fine. The problem with these systems is that once they reach their End of Life (EOL) or End of Support (EOS), the vendor no longer puts out updates to support the product, resulting in critical unpatchable security vulnerabilities. In the case of the “BlueKeep” RDP vulnerability, Microsoft deemed it so bad, that they took the extra step of releasing patches for EOL and EOS operating systems.
Importance of Patch Management
It is critical for your business to maintain a strong patch management program. But patching may not be enough. The businesses that CyberHoot.com consults with gain access to a Vulnerability Alert Management Process (aka: VAMP) that outlines response priorities to critical patches and vulnerabilities like BlueKeep. Over half of attackers take advantage of the software vulnerabilities as a gateway to the information systems of companies. VAMP allows organizations to take a look at their vulnerabilities, weaknesses, and potential threats and mitigate them on a timetable that everyone has agreed to previously. It’s forced controls on timelines for plans and remediation and lines of responsibilities all codified prior to the pressure situation of a rampant worm or weaponized vulnerability like Wannacry attacking businesses all over the world.
Call to Action
CyberHoot helps businesses like yours build and enhance cybersecurity programs to include critical processes like VAMP and Patch Management, while also automating governing and training employees with robust cybersecurity policies and awareness programs.
As employers and resellers, we need to be perfect at protecting our critical accounts and critical data; hackers only have to succeed once for a costly cyber incident or breach. Improve your odds of success by visiting CyberHoot.com and signing up for a free 30-day trial to begin closing the Cybersecurity skills gap by training your employees. Our 5-min Cyber “Hoots” teach your staff about Passwords, Passphrases, Password Managers, Two-factor Authentication, WiFi Insecurities, and dozens of other important cybersecurity topics. Are you doing everything you can to reduce your risks?
Head over to our CyberHoot Website and sign up for a free 30 day trial.
Author, Ty Mezquita, Blogger/Social Media – CyberHoot
Editor, Craig, Co-Founder – CyberHoot