The warnings refer to vulnerabilities in Windows' Remote Desktop Services that could be exploited by attackers; patches have been available since May 14.

The U.S. National Security Agency (NSA) on Tuesday called on IT administrators to apply security updates issued by Microsoft three weeks ago, adding to a chorus of voices urging haste.

“The National Security Agency is urging Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing threats,” the NSA said in a June 4 advisory.

The agency’s advice followed by several days that of Microsoft itself. On Thursday, May 30, a company official reminded users of the updates – which the company released May 14 – and implied that time is short.

“We strongly advise that all affected systems should be updated as soon as possible,” Simon Pope, the director of incident response at the Microsoft Security Response Center (MSRC), wrote in a blog post.

Microsoft’s plea, at least, was unusual. Once the developer has released a fix it has rarely circled back to remind customers to install a patch, instead assuming that they have done what they were supposed to.

The NSA and Microsoft warnings were about flaws in Windows’ Remote Desktop Services that could be exploited by attackers in ways that made the bugs especially dangerous. The vulnerabilities have been stickered with the “BlueKeep” label.

“We warned that the vulnerability is ‘wormable,’ and that future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017,” Pope said.

The vulnerabilities were so serious that Microsoft made the unprecedented decision to deliver patches not only to still-supported versions of Windows, including Windows 7, but to the outdated Windows XP, which was retired more than five years ago.
WannaCry, a ransomware attack that surged across the globe in May 2017, was cited several times by Pope to drive home his point.

“There has been no sign of a worm yet [but] this does not mean that we’re out of the woods,” he said. “If we look at the events leading up to the start of the WannaCry attacks, they serve to inform the risks of not applying fixes for this vulnerability in a timely manner.

“It is possible that we won’t see this vulnerability incorporated into malware,” concluded Pope. “But that’s not the way to bet.”

On that score, in fact, Pope intimated that Microsoft knows more than it’s saying. “Microsoft is confident that an exploit exists for this vulnerability,” he said in last week’s blog post. Then on Twitter this week after the NSA issued its bulletin, Pope tweeted, “I cannot urge you enough to patch your systems as soon as possible.”

The NSA was almost as sure that doom was on the horizon. “It is likely only a matter of time before remote exploitation code is widely available for this vulnerability. NSA is concerned that malicious cyber actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems.”

It’s unclear what, exactly, drove Microsoft’s Pope, then the NSA, to issue their patch-now alerts. It may have been the results of an Internet-wide scan by Robert Graham of Errata Security. According to Graham, as of a week ago, almost a million public-facing Windows systems were vulnerable to attack.

“This will likely lead to an event as damaging as WannaCry and notPetya from 2017,” Graham wrote in a post. “Hackers are likely to figure out a robust exploit in the next month or two and cause havoc with these machines.”

Pope cited Graham’s survey when he told Windows users to patch pronto, adding that, “Many more within corporate networks may also be vulnerable.
[And] it only takes one vulnerable computer connected to the internet to provide a potential gateway into these corporate networks.”

Microsoft has provided links to patches for Windows XP, Windows Vista and Windows Server 2003 here; fixes for Windows 7, Windows Server 2008 and Windows Server 2008 R2 can be found here.