Almost 1 million internet-connected devices remain vulnerable to the critical “BlueKeep” remote code execution bug that was recently found in Microsoft’s Remote Desktop Services, despite security fixes that were issued as part of May’s Patch Tuesday earlier this month.
The error is called Save As; It can be used to launch attacks using remote malicious code. Microsoft said it was “hot,” meaning the hacker could take advantage of the mistake to create self-replicating exploits.
CVE-2019-0708) affects operating systems including Windows 7, Windows XP, Windows Vista, and Windows 2003. Windows Server 2008 and 2008 R2 are also listed.
The company gave advice to users and companies working with these versions of operating systems to install the latest security updates. Initially, it was believed that due to the error, the attackers were exposed to almost 7.6 million devices.
Robert Graham, a specialist at Errata Security, released a new report saying the number of infected devices has now dropped to 950,000. In fact, most of the 7 million devices are not Windows systems.
A specialist used a tool called rdpscan to scan devices. He created the same with a clubhouse RiskSense ‘s Pillow Scanner with its own instrument called masscan.
However, Graham said he was unable to scan those Windows devices that are part of closed networks. Still, the concern is that roughly 1 million computers are at risk.
Microsoft has already released a fix in the latest Patch Tuesday updates on May 14. But there ‘s not much time left to install patches.
To date, no active UAV attack has been detected. However, recent reports suggest attackers have started hunting for vulnerable machines online.