Critical Vulnerability Found in RDP and Crypto API

Windows 10 is vulnerable

Microsoft released software fixes on January 14th to shore up issues with Windows Remote Desktop Gateway (RD Gateway), Windows Remote Desktop Client, and Windows CryptoAPI. These vulnerabilities affect Windows machines running 32bit or 64bit versions of Windows 7 and newer, and Windows Server 2012 and newer. Microsoft strongly encourages all users of these versions of Windows to install the latest updates available to address these vulnerabilities.

For more information click the link below.

https://www.us-cert.gov/ncas/alerts/aa20-014a

BlueKeep creates concern for Windows 7 users.

The latest threat to Windows users comes in the form of a vulnerability that allows an attacker to take control of a computer remotely. According to WikiPedia here’s the definition:

BlueKeep (CVE2019-0708) is a security vulnerability that was discovered in Microsoft‘s Remote Desktop Protocol, which allows for the possibility of remote code execution.

The remote code execution is the most concerning since it could potentially allow hackers to install software on the remote system and use tools such as self propagating worms to spread across a network.

All users of Windows 7, Windows Server 2008, and Windows Server 2008 R2 are being strongly urged to install Windows updates from Microsoft to protect against this threat.

Windows 7 End of Life

After January 14, 2020, Microsoft will no longer provide security updates or support for PCs running Windows 7. Now is the time to upgrade to Windows 10. You can either upgrade on existing hardware or consider purchasing a new computer with Windows 10 pre-installed.

See the article below for more information.

https://www.microsoft.com/en-us/microsoft-365/windows/end-of-windows-7-support

Contact us to find out what your best options will be to upgrade to Windows 10.