Get it offline NOW unless you want to get malware. From Slashdot:
A Widespread BlueKeep 'Exploit' Is Targetting Unpatched Windows 7/XP Computers
When Microsoft issued the first patch in years for Windows XP in May 2019, you knew that something big was brewing. That something was a wormable Windows vulnerability that security experts warned could have a similar impact as the WannaCry worm from 2017. The BlueKeep vulnerability exists in unpatched versions of Windows Server 2003, Windows XP, Windows Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2: and it's now been confirmed that a BlueKeep exploit attack is currently ongoing...
Security researchers, including Kevin Beaumont who originally named the vulnerability and Marcus Hutchins (also known as MalwareTech) who was responsible for hitting the kill switch that stopped the WannaCry, have confirmed that a widespread BlueKeep exploit attack is now currently underway. Hutchins told Wired that "BlueKeep has been out there for a while now. But this is the first instance where I've seen it being used on a mass scale." It would appear that rather than a wormable threat, where the BlueKeep exploit could spread itself from one machine to another, the attackers are searching for vulnerable unpatched Windows systems that have Remote Desktop Services (RDP) 3389 ports exposed to the internet. This dampens the panic that there could be another WannaCry about to happen, although the potential for such a scenario, albeit on a much smaller scale, certainly remains. For now though, this looks like being an attack campaign with a cryptocurrency miner payload.
These systems are all about 15-20 years old and are well past their service life. If you do not want to upgrade, get them off the internet or else your system will get infected with malware.
Leave a comment