IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

BlueKeep is still haunting thousands of enterprise systems

Millions of devices in total are vulnerable to historic security threats that have been patched

More than 240,000 machines are still affected by the infamous BlueKeep vulnerability disclosed last year, which are among millions of other systems vulnerable to severe, historic flaws that have since been patched.

The Windows 10 flaw was first disclosed more than a year and a half ago, with fears that it could potentially devastate corporate networks, passing undisturbed from terminal to terminal, if a wormable exploit was developed.

Although businesses were urged to patch their systems against the BlueKeep flaw immediately, researcher Jan Kopriva has suggested that hundreds of thousands of machines are still vulnerable to the notorious bug.

Although there has been a significant decline in the number of BlueKeep-affected machines accessible from the internet, there still appears to be 240,000 of them, Kopriva wrote. 

“Given how dangerous and well known BlueKeep is, it rather begs the question of how many other, less well-known critical vulnerabilities are still left unpatched on a similar number of systems,” he added. “And since any of these might potentially come back to haunt us one day, this would seem to be a question worth asking.”

Kopriva collated the number of machines that may still be vulnerable to other infamous flaws by scanning the Shodan search engine for devices. These were all discovered before 2020, and were generally than Kopriva would have expected.

The vulnerability CVE-2019-0211, for example, an Apache HTTP server root privilege escalation flaw, still affects a staggering 3,357,835 machines. The flaw CVE-2019-12525, meanwhile, which was found in the Squid software, still affects 1,219,716 devices.

Similarly to BlueKeep, the HeartBleed OpenSSL flaw still affects 204,878 machines despite having been patched more than six years ago.

While these numbers are generally higher than Kopriva would have expected, he added that Shodan results aren’t necessarily up-to-date, or completely accurate. 

He had previously, in November 2019, tried to warn businesses to patch the relevant systems immediately against the BlueKeep flaw. Shortly after the first “mass exploitation” of the vulnerability was discovered in the wild, the researcher presented data suggesting this hadn’t motivated businesses into acting any faster in patching their systems.

Featured Resources

Join the 90% of enterprises accelerating to the cloud

Business transformation through digital modernisation

Free Download

Delivering on demand: Momentum builds toward flexible IT

A modern digital workplace strategy

Free download

Modernise the workforce experience

Actionable insights and an optimised experience for both IT and end users

Free Download

The digital workplace roadmap

A leader's guide to strategy and success

Free Download

Recommended

Solve cyber resilience challenges with storage solutions
Whitepaper

Solve cyber resilience challenges with storage solutions

4 Jul 2022
Storage's role in addressing the challenges of ensuring cyber resilience
Whitepaper

Storage's role in addressing the challenges of ensuring cyber resilience

4 Jul 2022
Introducing IBM Security QRadar XDR
Whitepaper

Introducing IBM Security QRadar XDR

4 Jul 2022
The Total Economic Impact™ of IBM Security MaaS360 with Watson
Whitepaper

The Total Economic Impact™ of IBM Security MaaS360 with Watson

4 Jul 2022

Most Popular

Universities are fighting a cyber security war on multiple fronts
cyber security

Universities are fighting a cyber security war on multiple fronts

4 Jul 2022
Hackers claim to steal personal data of over a billion people in China
data breaches

Hackers claim to steal personal data of over a billion people in China

4 Jul 2022
Raspberry Pi launches next-gen Pico W microcontroller with networking support
Hardware

Raspberry Pi launches next-gen Pico W microcontroller with networking support

1 Jul 2022