Alert

NSA Releases Advisory on BlueKeep Vulnerability

Last Revised

The National Security Agency (NSA) has released a cybersecurity advisory for CVE-2019-0708—a vulnerability dubbed BlueKeep. Although Microsoft has issued a patch, potentially millions of machines are still unpatched and remain vulnerable.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review NSA’s advisory, Microsoft Security Response Center’s "A Reminder to Update Your Systems to Prevent a Worm," and Microsoft Customer Guidance for CVE-2019-0708. CISA recommends patching the affected operating systems:

This product is provided subject to this Notification and this Privacy & Use policy.