Microsoft has fixed two new remotely exploitable vulnerabilities in Windows that are similar to the BlueKeep bug and could be exploited by a worm.
Zero day vulnerabilities exploited in the wild is never good news, but if the user's machine is running the latest version of the operating system, the chances are good that the attack won't be successful against that machine, according to a Microsoft security engineer.
There has been a lot of discussion about protecting voting systems so that ballots can’t be changed or manipulated over the past two years, but the attacks Microsoft warned about are not related to the voting process.
A public exploit for BlueKeep has not yet been released, but a number of researchers have developed proofs-of-concept exploiting the Remote Desktop Protocol (RDP) vulnerability. Time may be running out for organizations that have still not applied Microsoft's patch.
It took only a few days for a Linux worm to start exploiting the vulnerability in the Exim mail transfer agent. Microsoft said some Azure customers have already been affected.