Earlier this week the ACSC released an alert notice to warn Australians about the BlueKeep (CVE-2019-0708) vulnerability.
https://www.cyber.gov.au/news/update-acsc-confirms-potential-exploitation-bluekeep-vulnerability
What is the BlueKeep (CVE-2019-0708)?
It’s a vulnerability in the Remote Desktop Protocol (RDP) that can affect Server 2008, Server 203, Windows, XP, Windows Vista and Windows 7. If you do not act on this vulnerability, then you are leaving the door open for criminals to modify data, delete data, access data and install malware.
What Action should I take?
You SHOULD not be running these systems now however if you are and in business, the environment HAS to look at moving off these platforms ASAP. I wrote an article earlier in the year that Windows 7, Server 2008 and Office 2010 are End of Life (EOL) in 2020 and as I write this there are only 138 days until 1st January.
To remind you again of the dates:
- Windows 7 – End of life on January 14th 2020
- Server 2008 and Server 2008R2 – End of life on January 14th 2020
- Exchange 2010 – End of life on January 14th 2020
- End of Life on October 13th 2020:-
- Office 2010 – October 13th 2020
- SQL Server 2008 and SQL Server 2008R2 – July 9th 2019
The link to the article I wrote at the start of the year titled “The End-of-Life is Near” can be found here:-