More than 240,000 machines are still affected by the infamous BlueKeep vulnerability disclosed last year, which are among millions of other systems vulnerable to severe, historic flaws that have since been patched.
The Windows 10 flaw was first disclosed more than a year and a half ago, with fears that it could potentially devastate corporate networks, passing undisturbed from terminal to terminal, if a wormable exploit was developed.
Although businesses were urged to patch their systems against the BlueKeep flaw immediately, researcher Jan Kopriva has suggested that hundreds of thousands of machines are still vulnerable to the notorious bug.
Although there has been a significant decline in the number of BlueKeep-affected machines accessible from the internet, there still appears to be 240,000 of them, Kopriva wrote.
“Given how dangerous and well known BlueKeep is, it rather begs the question of how many other, less well-known critical vulnerabilities are still left unpatched on a similar number of systems,” he added. “And since any of these might potentially come back to haunt us one day, this would seem to be a question worth asking.”
Kopriva collated the number of machines that may still be vulnerable to other infamous flaws by scanning the Shodan search engine for devices. These were all discovered before 2020, and were generally than Kopriva would have expected.
The vulnerability CVE-2019-0211, for example, an Apache HTTP server root privilege escalation flaw, still affects a staggering 3,357,835 machines. The flaw CVE-2019-12525, meanwhile, which was found in the Squid software, still affects 1,219,716 devices.
Similarly to BlueKeep, the HeartBleed OpenSSL flaw still affects 204,878 machines despite having been patched more than six years ago.
While these numbers are generally higher than Kopriva would have expected, he added that Shodan results aren’t necessarily up-to-date, or completely accurate.
He had previously, in November 2019, tried to warn businesses to patch the relevant systems immediately against the BlueKeep flaw. Shortly after the first “mass exploitation” of the vulnerability was discovered in the wild, the researcher presented data suggesting this hadn’t motivated businesses into acting any faster in patching their systems.
-
Is the traditional MSP service desk dead?Industry Insights AI and B2C expectations are reshaping B2B service desks and MSP strategy
-
From phone calls to roll calls: 3CX has the answerHow Yellowgrid, a 3CX Platinum distributor, has taken advantage of 3CX Phone System’s customisable nature to create a time-saving solution already embraced by over 100 UK schools
-
Flaw in Lenovo’s customer service AI chatbot could let hackers run malicious code, breach networksNews Hackers abusing the Lenovo flaw could inject malicious code with just a single prompt
-
Industry welcomes the NCSC’s new Vulnerability Research Initiative – but does it go far enough?News The cybersecurity agency will work with external researchers to uncover potential security holes in hardware and software
-
‘The worst thing an employee could do’: Workers are covering up cyber attacks for fear of reprisal – here’s why that’s a huge problemNews More than one-third of office workers say they wouldn’t tell their cybersecurity team if they thought they had been the victim of a cyber attack.
-
Hackers are targeting Ivanti VPN users again – here’s what you need to knowNews Ivanti has re-patched a security flaw in its Connect Secure VPN appliances that's been exploited by a China-linked espionage group since at least the middle of March.
-
Broadcom issues urgent alert over three VMware zero-daysNews The firm says it has information to suggest all three are being exploited in the wild
-
Nakivo backup flaw still present on some systems months after firms’ ‘silent patch’, researchers claimNews Over 200 vulnerable Nakivo backup instances have been identified months after the firm silently patched a security flaw.
-
Everything you need to know about the Microsoft Power Pages vulnerabilityNews A severe Microsoft Power Pages vulnerability has been fixed after cyber criminals were found to have been exploiting unpatched systems in the wild.
-
Vulnerability management complexity is leaving enterprises at serious riskNews Fragmented data and siloed processes mean remediation is taking too long
