A year and a half after Microsoft disclosed BlueKeep, the high-risk vulnerability in the Windows RDP service, at least 245,000 Windows devices remain unpatched and therefore still vulnerable to attackers. When BlueKeep was first disclosed in May 2019, about 25 percent of the 950,000 devices scanned were found to be vulnerable.
Similarly, more than 103,000 Windows devices remain vulnerable to SMBGhost, a vulnerability in the Server Message Block v3 (SMBv3) protocol that came with the new version of Windows and was disclosed in March 2020.
Both vulnerabilities allow attackers to remotely take control of Windows systems and are considered among the most serious flaws disclosed in Windows over the past few years. Yet according to research conducted over the past few weeks by Jan Kopriva, a SANS ISC handler, many systems remain unpatched despite the severity of the two vulnerabilities.
According to the Czech security researcher, millions of devices around the world are still exposed to security flaws that administrators have not patched, leaving them highly vulnerable to takeover by malicious attackers. These include IIS servers, Exim mail transfer agents, OpenSSL clients, and WordPress websites.
Why these systems remain unpatched is still unknown, and even recent warnings from U.S. government cybersecurity agencies have not helped. Despite those warnings, more than 268,000 Exim servers have not been patched against the Exim flaws, and more than 245,000 systems have not been patched against BlueKeep.