Acting Homeland Security Secretary Kevin McAleenan speaks with DHS employees in New York on April 22, 2019. (DHS photo by Tim D. Godbee)

After Remote-Code Test, DHS Sounds the Alarm on BlueKeep

The Department of Homeland Security has added its voice to a chorus of government and corporate cybersecurity professionals urging users to patch their systems for BlueKeep, a critical vulnerability recently reported in old Microsoft Windows operating systems.

DHS’s Cybersecurity and Infrastructure Security Agency said Monday said it had used the BlueKeep vulnerability to execute remote code on a test machine operating Windows 2000. The agency released an advisory reiterating that, like the famed WannaCry ransomware, BlueKeep is “wormable,” in that malware exploiting the vulnerability could spread to other systems.

When it was disclosed, security experts immediately warned of BlueKeep’s severity, and as of last week, close to 1 million internet-exposed machines were still vulnerable to the flaw, according to researchers at cybersecurity company BitSight.

Read more at CyberScoop

New ISIS Cybersecurity Bulletin Shows Interest in Microsoft BlueKeep Bug

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply

Latest from Cybersecurity

SIGN UP NOW for FREE News & Analysis on topics of your choice across homeland security!

BEYOND POLITICS.  IT'S ABOUT THE MISSION. 

Go to Top
Malcare WordPress Security