Microsoft is warning users of legacy Windows OS systems that they must act quickly to patch the newly-detected BlueKeep Wormable vulnerability or face dire consequences that could rise to the level of the WannaCry attack that shut down systems worldwide in 2017. Yikes.
“An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.” – Microsoft, 05/14/2019
To prevent another such catastrophic and global ransomware propagation, organizations are scrambling to identify and remediate assets that are vulnerable as per Microsoft’s recent announced critical flaw CVE-2019-0708 that affects legacy operating systems — Windows 2003, Windows 7, Server 2008, and XP. However, this remains a daunting challenge for enterprises who have deployed vast numbers of network-connected devices – medical, industrial, manufacturing, facilities, and other OT/IOT – that run on embedded legacy Windows operating systems. In today’s hyper-connected enterprise, the massive quantity and heterogeneity of these connected devices makes the task of addressing this critical vulnerability even more daunting.
Take control with Ordr.
The Ordr Systems Control Engine, or SCE, can quickly and automatically identify all devices connected to your enterprise network that are vulnerable. Critically, the Ordr SCE uses only passive monitoring techniques, which – unlike active vulnerability scanning tools – will not disrupt your mission-critical and often sensitive equipment. You can procure a list of these systems quickly, and bypass the traditionally manual and time-consuming process of physically tracking down known inventory assets and assessing each individually for risk and vulnerability. Timing is critical, so eliminating this manual process will save you not only time and money, it could be critical in protecting your brand, in ensuring the security of your data, in possibly saving lives.
Once you know what’s at risk, you can easily use the Ordr SCE to automate and deploy microsegmentation policies, enabling your infrastructure to basically operate as a bodyguard for each device, to isolate and protect each device from any future exploit that weaponizes CVE-2019-0708. These protections can be implemented in your existing network and security tooling, such as your switches, NAC tools, and firewalls. This compensating control allows you to dramatically reduce the risk so you can confidently continue to operate your legacy equipment until, at some point, the manufacture provides a patch.