Itpa webheader

ACSC urges Windows users to patch against BlueKeep


By Dylan Bushell-Embling
Friday, 07 June, 2019


ACSC urges Windows users to patch against BlueKeep

The Australian Cyber Security Centre is urging Windows users across Australia — especially those using outdated and obsolete versions — to ensure their systems are patched against the critical BlueKeep vulnerability.

The critical remote code execution vulnerability was recently discovered in the Remote Desktop Services component in some older version of Windows.

It is capable of spreading like a worm through vulnerable computers in a similar manner to WannaCry, and of giving attackers the ability to install programs, to view, change or delete data, and to create new accounts with full user rights.

In an indication of the potential severity of the vulnerability, Microsoft last month took the highly unusual step of issuing fixes to all affected versions of Windows, including out-of-support versions including the ancient Windows XP and Windows 2003.

The vulnerability also affects Windows 7 as well as Windows Server 2008 — which are still in extended support — but is not present on Windows 8 or Windows 10.

The ACSC had previously issued an advisory offering detailed mitigated advice for government and critical infrastructure partners that rely on legacy Windows operating systems. Now the ACSC has extended its advice to smaller organisations around Australia, due to the fear that “potentially millions of networks” are vulnerable to the exploit.

The centre has urged all businesses using the affected operating systems to patch as quickly as possible. For users of out-of-support operating systems, this requires manually installing updates from Microsoft’s website.

Businesses should also block access to remote desktop protocols directly from the internet, using a VPN with multifactor authentication if the protocols are required. Internal network machine-to-machine remote desktop protocols should also be limited as much as possible — ideally only to servers.

Finally, the ACSC has urged businesses to consider implementing Microsoft’s Network Level Authentication capabilities, which the company has stated prevents exploits written for the vulnerability from spreading like a worm.

Image credit: ©stock.adobe.com/au/natali_mis

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.

Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.

Related News

Neglecting IT training can have "astronomical" costs

Failing to provide IT employees with quality training can cause significant costs for businesses,...

BlueKeep exploit released into the wild

An exploit for the BlueKeep Windows vulnerability has been released by the open source Metasploit...

Government seeks feedback on cybersecurity strategy

The Australian Government is seeking feedback on a new cybersecurity strategy to help businesses...


  • All content Copyright © 2019 Westwick-Farrow Pty Ltd