Microsoft has warned users to update Windows against ‘DejaBlue’.
What is DejaBlue? It is a vulnerability that can allow the creation of a worm that may infect millions of PCs. Similar to the BlueKeep flaw. Hence the name DejaBlue!
Microsoft published a warning detailing seven new Windows vulnerabilities that attackers can exploit using the Remote Desktop Protocol (RDP). Of the security flaws, Microsoft warns that two are particularly severe, and malicious actors could use them to create an automated worm that can jump between Windows-powered machines, potentially infecting millions of computers.
While BlueKeep had the potential to create a computer worm like DejaBlue, the new flaws are much worse. BlueKeep affected Windows 7 PCs and earlier. DejaBlue affects everything after as well, including all recent versions of the Windows OS
If you’re not familiar with RDP, it is a tool for administrators to connect to other computers in a network. According to Microsoft, they patched these new bugs themselves while working to improve RDP security. A British intelligence agency, GCHQ, spotted the BlueKeep exploit.
How do I protect myself?
Getting users to update PCs might be a significant hurdle. Since BlueKeep was discovered at the beginning of May 2019, security researchers estimate close to one million PCs were affected. Now, estimates say between 730,000 and 800,000 computers are still vulnerable to BlueKeep.
That being said, DejaBlue may be easier to exploit than BlueKeep and to make it a little worse, it has more incentive since it affects newer computers and potentially more people.
Microsoft has said that users with automatic updates should receive the patch soon but if you’d like to get ahead of the game, please find and download a patch here from the Microsoft website.