We saw hackers beginning to take advantage of users in the months leading up to the retirement of Windows XP. They know that when an operating system is reaching retirement, Microsoft is not prioritizing or dedicating the same amount of resources to patching and securing it like they are with newer operating systems. We continue to highly recommend upgrading your Windows 7 machine, as soon as possible, as we predict that attacks will be much larger scale and crippling than when Windows XP retired.
Windows 7 End of Support date is January 14, 2020. We are still 5 months out from retirement. However, this week, Microsoft has indicated that attackers have the BlueKeep exploit code “widely available” for use. This vulnerability was initially discovered in May, to which Microsoft issued patches. However, without patching the infected devices, these worm-like infections could spread worldwide. BitSight has reported this month that nearly 80% of the infected devices in May still have not been patched.
The BlueKeep vulnerability provides an avenue for remote code execution attacks on older Windows systems that use Microsoft's Remote Desktop Services. Successful exploits can give attackers access to all user credentials used on the RDP system. It can affect users of Windows 7, Windows Server 2008/ 2008 R2, as well as the older and unsupported Windows XP and Windows Server 2003 systems.
Microsoft has issued another patch for the vulnerability, and strongly recommends applying that security update, as well as implementing multifactor authentication.
We recommend upgrading the aforementioned operating systems, as soon as possible! Have no clue where to start? You're in the right place! We can help.