Language Selection

English French German Italian Portuguese Spanish

NSA Back Doors in Windows Causing Chaos While Media is Obsessing Over DoS Linux Bug

Filed under
Microsoft
Security
  • U.S. Government Announces Critical Warning For Microsoft Windows Users

    The United States Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has gone public with a warning to Microsoft Windows users regarding a critical security vulnerability. By issuing the "update now" warning, CISA has joined the likes of Microsoft itself and the National Security Agency (NSA) in warning Windows users of the danger from the BlueKeep vulnerability.

    This latest warning, and many would argue the one with most gravitas, comes hot on the heels of Yaniv Balmas, the global head of cyber research at security vendor Check Point, telling me in an interview for SC Magazine UK that "it's now a race against the clock by cyber criminals which makes this vulnerability a ticking cyber bomb." Balmas also predicted that it will only be "a matter of weeks" before attackers started exploiting BlueKeep.

    The CISA alert appears to confirm this, stating that it has, "coordinated with external stakeholders and determined that Windows 2000 is vulnerable to BlueKeep." That it can confirm a remote code execution on Windows 2000 might not sound too frightening, this is an old operating system after all, it would be unwise to classify this as an exercise in fear, uncertainty and doubt. Until now, the exploits that have been developed, at least those seen in operation, did nothing more than crash the computer. Achieving remote code execution brings the specter of the BlueKeep worm into view as it brings control of infected machines to the attacker.

  • Netflix uncovers SACK Panic vuln that can bork Linux-based systems