Microsoft has recently released a patch to close a major security flaw that was being exploited by cyber attackers in a wave of high-profile ransomware attacks. The vulnerability, which had been lurking for over a year, was being used to target Windows computers with an attack known as EternalBlue.
The vulnerability, first reported in 2017 by security researchers, allowed hackers to exploit an unpatched bug in the Microsoft Server Message Block protocol, which enables computers to interact across networks. This bug allowed an attacker to access and encrypt a computer’s data without its owner’s knowledge or consent. It was reportedly used in high-profile ransomware campaigns such as WannaCry, NotPetya, and Bad Rabbit.
In response, Microsoft released a patch for the bug, assessed as of extremely high severity. The patch is being rolled out automatically to all supported versions of Windows and is recommended for immediate installation to prevent potential attacks. Microsoft also released advisories on how to best secure systems that may not be eligible for Windows Update.
With the patch released, Microsoft is taking a decisive step to ensure further exploitation of the bug does not occur. This latest action from Microsoft shows its commitment to ensuring the security of its customers and comes as NIST’s Cyber Security Framework continues to be a baseline for cyber security compliance and industry best practices.
Given the huge impact of the various ransomware campaigns, it is important that all organizations take steps to secure their systems and networks as soon as possible. This includes patching any known vulnerabilities regularly, using anti-virus protection, and training staff on cyber security measures. This will help protect systems from any potential future attacks, as well as reducing the impact of any successful attacks.
Microsoft’s latest patch should be seen as a success story in how the tech giant responds quickly to cyber security threats. The company should also be commended for releasing the patch in a timely manner, reducing the impact of the vulnerability and the chances of it being exploited further. While the patch is currently available, it is important to remain vigilant in order to prevent future attacks of this magnitude.
Hey Subscribe to our newsletter for more articles like this directly to your email.