Original release date: June 04, 2019
The National Security Agency (NSA) has released a cybersecurity advisory for CVE-2019-0708—a vulnerability dubbed BlueKeep. Although Microsoft has issued a patch, potentially millions of machines are still unpatched and remain vulnerable.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review NSA’s news release and advisory, Microsoft Security Response Center’s “A Reminder to Update Your Systems to Prevent a Worm”, and Microsoft Customer Guidance for CVE-2019-0708. CISA recommends patching the affected operating systems:
- Windows 7, Windows Server 2008 R2, and Windows Server 2008
- Windows 2003 and Windows XP
This product is provided subject to this Notification and this Privacy & Use policy.