A critical vulnerability in F5 Networks’ BIG-IP networking gear is under active attack, just days after the company first announced the flaw.
Microsoft said it will pause non-security Windows updates beginning in May as part of its plan to reduce the update pressure on IT and security teams, as they are busy keeping organizations operational during the COVID-19 pandemic. Other software companies are adjusting their release schedules, recognizing that IT and security teams are currently stretched thin.
Microsoft fixed a vulnerability in a cryptography component used by Windows 10 and Windows Server. If exploited, attackers would be able to pass off malicious software as legitimate, thus undermining digital trust.
The United States NSA urging enterprises and individuals to install the update addressing the BlueKeep vulnerability on Windows systems as soon as possible.
End-of-life doesn’t mean no longer a threat. Microsoft decided to release security updates for no longer supported Windows 2003 and Windows XP systems to fix a bug that could be exploited by a worm.