Microsoft has warned anyone using Windows operating systems earlier than 8 could be affected. Photo / AP
About a million Windows users could be at risk of a highly spreadable ransomware attack that experts fear could be as troubling as the 2017 WannaCry cyberattack.
Concerns surrounding the potential severity of BlueKeep have prompted New Zealand's Cyber Security Centre and Microsoft to issue urgent warnings for users to update their operating systems.
Microsoft says any operating system earlier than Windows 8 is at risk, with internet security company AVG warning users to check if their operating system is 'dangerously out of date'.
Microsoft alerted users to BlueKeep earlier this year, but has warned more than a million computers are still vulnerable.
The vulnerability involves a common Windows protocol, which can allow hackers to remotely take over a computer without any input from the machine's owner.
That cybervirus spread rapidly to the point where the UK National Health Service and European telecommunications and automotive services were affected.
CERT NZ has recommended Kiwis update their operating system as soon as possible, saying once you have updated your software you are no longer at risk.
Windows 7, XP, Windows Server 2008 R2, and Windows Server 2008 and out-of-support systems including Windows 2003 are affected, while Windows 8 and 10 are not, according to CERT NZ.
Australia's Cyber Security Centre estimates WannaCry cost the global economy hundreds of millions in lost revenue and repair bills.
More than a year later MalwareBytes revealed WannaCry was still impacting thousands of Australian computer users and millions globally.
In 2018, it found 3388 cases of WannaCry on Australian systems but said globally that number was closer to three million computers.
Microsoft says BlueKeep is able to 'worm' its way into computer systems with no owner interaction at all.
ACSC warned last month, adding BlueKeep has the potential for "significant, widespread harm around the world."
"The BlueKeep vulnerability is readily available to cyber criminals who seek to exploit vulnerable systems en masse. These criminal groups are not necessarily targeting unsuspecting users; they're simply sweeping the landscape for vulnerable, outdated systems that are easily penetrable."
Microsoft warns up to one million computers connected directly to the internet are vulnerable to BlueKeep.
The tech company is offering fixes for vulnerable operating systems, including Windows 7, Windows Server 2008 R2, and Windows Server 2008 and out-of-support systems including Windows 2003 and Windows XP. Windows 10 is not affected.
"If you're using Windows 7, we recommend you update your Windows software as soon as possible," CERT NZ says.
"If you're using Windows XP, we recommend you upgrade to a new version of Windows.
these updates will not happen automatically, it is important that users of these systems update them manually.
"If you're using Windows 8 or Windows 10, you don't need to do anything as these systems are not affected. CERT NZ recommends you turn on automatic updates so that future software updates can happen automatically."