Lifehacker: Seriously, Update Your Old Windows 7 PCs and Windows Servers Right Now

Lifehacker: Seriously, Update Your Old Windows 7 PCs and Windows Servers Right Now. “We’ve made several posts over the past year about “BlueKeep,” a serious exploit present in Windows 7’s remote desktop protocol (RDP) that could allow a hacker to take control of someone’s PC. Hell, we even covered recent news about the first successful use of BlueKeep attacks earlier this week, wherein hackers remotely installed cryptocurrency-mining software on vulnerable systems via RDP. And just yesterday, Microsoft’s internal security team posted a new warning saying they expect BlueKeep attacks to not only continue, but increase in sophistication (and severity) as time goes on.”

Ars Technica: Microsoft practically begs Windows users to fix wormable BlueKeep flaw

Ars Technica: Microsoft practically begs Windows users to fix wormable BlueKeep flaw. “In a Blog post published late Thursday night, members of the Microsoft Security Response Center cited findings published Tuesday by Errata Security CEO Rob Graham that almost 1 million Internet-connected computers remain vulnerable to the attacks. That indicates those machines have yet to install an update Microsoft issued two weeks ago patching against the so-called BlueKeep vulnerability, which is formally tracked as CVE-2019-0708. The exploits can reliably execute malicious code with no interaction on the part of an end user. The severity prompted Microsoft to take the unusual step of issuing patches for Windows 2003, XP, and Vista, which haven’t been supported in four, five, and two years, respectively.”