It has been reported that despite alerts from Microsoft and the U.S. government, more than 800,000 online systems have yet to patch the Windows RDP vulnerability two months after it was disclosed.The critical vulnerability affects the remote desktop protocol (RDP) in older windows OSes such as Windows 7, Windows XP and Windows Server 2008. The Vulnerability could allow unauthorised parties to perform remote code execution on vulnerable systems.
Bob Huber, CSO at Tenable:
“Recent estimates indicate that more than 800,000 systems are still vulnerable to BlueKeep, nearly two months after patches were first released. While the number of unpatched systems has decreased since May, it’s simply not enough. There is a lot of FUD in the security industry, but that’s not the case here. Organisations and users alike should not brush this off as “hype.” This vulnerability is no joke; BlueKeep has all the makings of becoming the next WannaCry or NotPetya. Patch now before it’s too late.”