We’ve made several posts over the past year about “BlueKeep,” a serious exploit present in Windows 7's remote desktop protocol (RDP) that could allow a hacker to take control of someone’s PC. Hell, we even covered recent news about the first successful use of BlueKeep attacks earlier this week, wherein hackers remotely installed cryptocurrency-mining software on vulnerable systems via RDP. And just yesterday, Microsoft’s internal security team posted a new warning saying they expect BlueKeep attacks to not only continue, but increase in sophistication (and severity) as time goes on.
Recent data suggests that there are over 700,000 vulnerable PCs that still have not installed the necessary updates despite repeated urging from Microsoft, major security companies, the US government, and just about every tech publication out there. But what was initially a preventative measure against hypothetical BlueKeep exploits is now the only way to defend against very real attacks.
So, seriously: stop ignoring the warnings and install the security patches to fix the Windows 7 RDP exploit asap—as in, right now, if possible. The same goes for businesses that use Windows Server 2008, Windows Server 2008 R2, and enterprise versions of Windows 7. The specific security patches for your version of Windows can be easily downloaded and installed from Microsoft’s official update page.