Skip to main content
  1. Home
  2. Web
  3. News

NSA warns about Windows exploit, ignores its own role in creation of malware

Georgina Torbet
By
Image used with permission by copyright holder

In a rare occurrence, the National Security Agency (NSA) has published a statement urging people to update their older Windows systems to protect against the BlueKeep vulnerability.

The NSA does not typically comment on cybersecurity vulnerabilities in commercial products, but the potential danger of the recently detailed exploit has lead it to make a statement.

Recommended Videos

“The National Security Agency is urging Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing threats,” the statement read. “We have seen devastating computer worms inflict damage on unpatched systems with wide-ranging impact, and are seeking to motivate increased protections against this flaw.”

Related

The concern over this particular exploit is that it is “wormable,” meaning that it can spread itself from one infected computer to others on the same network. This is a big threat to older machines on a shared network, such as a typical enterprise system, as well as older machines which are connected to the internet.

Although there has not been a worm using this exploit detected yet, both Microsoft and the NSA believe it is only a matter of time until one appears. “NSA is concerned that malicious cyber actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems,” the statement said.

The NSA also published an advisory on what steps system administrators should take to protect their networks against this vulnerability.

This is somewhat ironic given the NSA’s role in the creation of the very similar EternalBlue exploit which was recently used to hold the city of Baltimore’s computer systems for ransom. The NSA developed the EternalBlue attack software for its own use, but lost control of it when it was stolen by hackers in 2017. It then caused chaos around the world with the WannaCry and NotPetya cyber attacks. BlueKeep is similar enough to EternalBlue that Microsoft compared the two of them in its warning to users about the vulnerability.

The NSA has never formally acknowledged its role in the creation of malware, even though Microsoft itself pointed the finger at the NSA for the problems caused by “the stockpiling of vulnerabilities” and condemned it for allowing the malware to be stolen. “An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen,” Microsoft said.

Editors' Recommendations

Topics
Georgina Torbet
Georgina Torbet
Space Writer
Georgina is the Digital Trends space writer, covering human space exploration, planetary science, and cosmology. She…
How to create a Subreddit on desktop and mobile
Laptop Working from Home

Few social media sites are as popular as Reddit. Regardless of what you're interested in, there's probably a thriving community for you to interact with on the platform. Known as subreddits, these communities are home to topics like gaming, world news, science, movies, and more. If you can't find a subreddit with your particular interest, Reddit makes it easy to create your own Reddit community.

Running a successful Reddit community isn't easy – but the process of starting one only takes a few minutes. Keep in mind that you'll want to keep a close eye on your subreddit to prevent it from being shut down or turning into a wasteland with no users, but running a subreddit can be a lot of fun when done properly. If you prefer, you can also create a private community that only your friends can join, giving you a place to hang out beyond Twitter and TikTok.

Read more
How to download music from YouTube on desktop and mobile
A woman sitting on a couch, wearing airpods and holding and looking at a smartphone.

Downloading music from YouTube is a fairly common practice, and the demand for making the process easier has inspired the creation of countless websites and software.

But not every service can be considered safe. In fact, some of these services may infect your computer with malware or produce poor-quality audio files. When downloading music from YouTube, you’ll need to first make sure that the websites or apps you use for doing so won’t hurt your device. For this guide our team has found two methods to make the process safer and easier.

Read more
How to clear your browser cache in Chrome, Edge, or Firefox
The Firefox iPhone app.

A stocked computer cache may be convenient for logging into and out of go-to sites in seconds flat, but a major buildup of these tracking codes could significantly impact your PC’s performance. If you’ve noticed that your PC has been running rather slow of late, or you’re using a new browser and don’t know how to clear its cache, we’ve got you covered with the following guide.

Read more