There’s a security bug in Windows that’s so serious Microsoft has released fixes for version of Windows they don’t officially support anymore.
Here are links to the critical updates necessary or workaround if updating isn’t possible.
About Bluekeep
The Bluekeep security hole is being used by criminals to attack computers to install ransomware or steal data. It takes advantage of a bug in the Remote Desktop Protocol (RDP) that’s part of Windows.
Once infected, it can spread to other computers on the network. That’s what makes Bluekeep so dangerous and why it’s being compared with the Wannacry bug which caused so much trouble a few years ago.
Government agencies like the US National Security Agency and Department of Homeland Security, the National Cyber Security Centre in the UK and the Australian Cyber Security Centre have all warned about this vulnerability and urge people to update their systems.
Computers are vulnerable even if you don’t use Remote Desktop Protocol. RDP is on by default and most people/admins don’t turn the service off.
Bluekeep is such a worry that Microsoft has released patches for older versions of Windows they don’t officially support anymore. The risk is also the reason why we’re straying beyond our usual Microsoft Office territory to make sure our readers know what to do.
In typical Microsoft fashion, they’ve not made the patches very clear to the public. Their page with the Bluekeep related patches makes NO mention of the term ‘Bluekeep’ which is what most people are looking for. No reference to the affected Remote Desktop Protocol either. CVE-2019-0708 is the code reference for what’s commonly called ‘Bluekeep’.
Microsoft’s Bluekeep patch page, not that you’d know it!
Windows 10
Already protected. No action necessary
Windows 8
Already protected. No action necessary
Windows 7 SP1
The best option is to run Windows update to ensure all security patches are installed to date.
32-bit: Security update only
64-bit: Security update only
Those links are according to Microsoft though the KB articles for those patches make no mention of Bluekeep, CVE-2019-0708 or even the Remote Desktop Protocol! That might seem strange but it’s typical of Microsoft’s poor public documentation of security updates.
Windows Vista SP2
Windows Vista x64 Edition SP2
Windows XP SP3 x86
Windows XP Professional x64 Edition SP2
Windows XP Embedded SP3 x86
Windows 2000
According to some reports, Windows 2000 is also vulnerable to Bluekeep attacks.
There’s no patch for Windows 2000 but there’s a workaround …
Bluekeep protection without the patch
If you can’t patch any affected versions of Windows, use these workarounds instead.
The workaround is to block access to incoming Remote Desktop connections:
- Disable the Remote Desktop service
and/or - Block incoming connections on port 3389 (the RDP port) using a firewall program.
Microsoft downloads only
All the above links are to Microsoft which is the only place to download updates for Windows or Office. The publicity about Bluekeep is sure to bring out opportunists offering ‘fixes’ for a fee or updates which include unwanted ‘extras’. Ignore them.
Virtual Machines
Don’t forget to update any virtual machines. VM’s often run older Windows for testing or compatibility. Guest machines are easy to overlook when updating.
Windows Server updates for Bluekeep
Windows Server 2008
See https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
