The National Security Agency (NSA) has issued an alert warning Windows users to install the latest security patches to avoid a WannaCry-like situation. The alert comes after Microsoft released warnings to install fixes for the wormable BlueKeep security vulnerability (tracked as CVE-2019-0708).

"The National Security Agency is urging Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing threats," the alert issued last night reads. "Recent warnings by Microsoft stressed the importance of installing patches to address a protocol vulnerability in older versions of Windows. Microsoft has warned that this flaw is potentially “wormable,” meaning it could spread without user interaction across the internet. We have seen devastating computer worms inflict damage on unpatched systems with wide-ranging impact, and are seeking to motivate increased protections against this flaw."

Bethesda’s Full Back Catalog Could Be on Xbox Game Pass, Provided Phil Spencer Approves

Microsoft: BlueKeep could propagate from vulnerable computer to vulnerable computer like the WannaCry malware

As reported earlier, BlueKeep is a vulnerability in the Remote Desktop (RDP) protocol that affects Windows 7, Windows XP, Server 2003 and 2008 putting millions of machines at risk. The NSA's alert comes a week after Microsoft issued a follow-up warning to Windows users to update all impacted systems as soon as possible.

Microsoft had released patches for the BlueKeep vulnerability on May 14. At the time, there was no known exploitation of the vulnerability. The NSA echoed Microsoft's message saying that it is "likely only a matter of time before remote exploitation code is widely available for this vulnerability."

"This is the type of vulnerability that malicious cyber actors frequently exploit through the use of software code that specifically targets the vulnerability," the NSA alert adds.

For example, the vulnerability could be exploited to conduct denial of service attacks. It is likely only a matter of time before remote exploitation code is widely available for this vulnerability. NSA is concerned that malicious cyber actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems.

Along with installing patches released by Microsoft, the security agency has also recommended to take the following additional measures: