Remember BlueKeep and SMBGhost? They may be forgotten, but they are not gone. New research from Jan Kopriva shows that unpatched vulnerabilities are a goldmine for cybercriminals. More than 245,000 systems remain vulnerable to BlueKeep and over 103,000 Windows systems can still be affected by SMBGhost.
Satnam Narang, Staff Research Engineer at Tenable, comments on the urgency of applying patches for these long-overdue vulnerabilities.
“The findings in Jan Kopriva’s research support a narrative that has persisted for some time: unpatched vulnerabilities are extremely valuable to cybercriminals. Some of the vulnerabilities referenced date back as far as 2014. Despite patches being available for six years, there are still hundreds of thousands of publicly accessible systems vulnerable to flaws like Heartbleed.
“With a vulnerability like BlueKeep (CVE-2019-0708), we have seen the number of vulnerable, publicly accessible systems decline over time and while that certainly helps, there are still far too many vulnerable systems out there. In fact, a recent report from FireEye found that threat actors were utilising BlueKeep as part of their reconnaissance efforts after they exploited a zero-day vulnerability to gain initial access into their target environment.
“In May 2020, the Cybersecurity and Infrastructure Security Agency (CISA) published a list of Top 10 Routinely Exploited Vulnerabilities over the last several years. The report highlights how state-sponsored threat actors don’t need to invest time or capital in developing or acquiring zero-day vulnerabilities when there are so many unpatched systems out there and readily available proof-of-concept exploit code at their disposal. Reports like these reinforce the challenge we face today when it comes to unpatched systems. We strongly urge organisations to apply patches to these long overdue vulnerabilities immediately.”