{"id":89714,"date":"2019-08-08T09:00:57","date_gmt":"2019-08-08T16:00:57","guid":{"rendered":""},"modified":"2025-06-30T01:57:10","modified_gmt":"2025-06-30T08:57:10","slug":"protect-against-bluekeep","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/","title":{"rendered":"Protect against BlueKeep"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Worms are the cause of many cyber headaches. They can easily replicate themselves to spread malicious malware to other computers in your network. As the field responders providing Microsoft enterprise customers with onsite assistance to serious cybersecurity threats, our Detection and Response Team (DART) has seen quite a few worms. If you\u2019ve <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/03\/25\/dart-the-microsoft-cybersecurity-team-we-hope-you-never-meet\/\" target=\"_blank\" rel=\"noopener noreferrer\">met the DART Team<\/a>, then you know your worms are our concern and that\u2019s why we keep an eye out for BlueKeep.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"protect-against-bluekeep\">Protect against BlueKeep<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">This summer, the DART team has been preparing for <a href=\"https:\/\/blogs.technet.microsoft.com\/msrc\/2019\/05\/14\/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708\/\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2019-0708<\/a>, colloquially known as BlueKeep, and has some advice on how you can protect your network. The BlueKeep vulnerability is \u201cwormable,\u201d meaning it creates the risk of a large-scale outbreak due to its ability to replicate and propagate, similar to <a href=\"https:\/\/en.wikipedia.org\/wiki\/Conficker\" target=\"_blank\" rel=\"noopener noreferrer\">Conficker<\/a> and <a href=\"https:\/\/en.wikipedia.org\/wiki\/WannaCry_ransomware_attack\" target=\"_blank\" rel=\"noopener noreferrer\">WannaCry<\/a>. Conficker has been widely estimated to have impacted 10- to 12-million computer systems worldwide. WannaCry was responsible for approximately $300 million in damages at just one global enterprise.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">To protect against BlueKeep, we strongly recommend you apply the <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4027667\/windows-10-update\" target=\"_blank\" rel=\"noopener noreferrer\">Windows Update<\/a>, which includes a patch for the vulnerability. If you use Remote Desktop in your environment, it\u2019s very important to apply all the updates. If you have Remote Desktop Protocol (RDP) listening on the internet, we also strongly encourage you to move the RDP listener behind some type of second factor authentication, such as VPN, SSL Tunnel, or RDP gateway.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">You also want to enable Network Level Authentication (NLA), which is a mitigation to prevent un-authenticated access to the RDP tunnel. NLA forces users to authenticate before connecting to remote systems, which dramatically decreases the chance of success for RDP-based worms. The DART team highly recommends you enable NLA regardless of this patch, as it mitigates a whole slew of other attacks against RDP.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If you\u2019re already aware of the BlueKeep remediation methods, but are thinking about testing it before going live, we recommend that you <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4027667\/windows-10-update\" target=\"_blank\" rel=\"noopener noreferrer\">deploy the patch<\/a>. It\u2019s important to note that the exploit code is now publicly and widely available to everyone, including malicious actors. By exploiting a vulnerable RDP system, attackers will also have access to all user credentials used on the RDP system.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"why-the-urgency\">Why the urgency?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Via open source telemetry, we see more than 400,000 endpoints lacking any form of network level authentication, which puts each of these systems potentially at risk from a worm-based weaponization of the BlueKeep vulnerability.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The timeline between patch release and the appearance of a worm outbreak is difficult to predict and varies from case to case. As always, the DART team is ready for the worst-case scenario. We also want to help our customers be prepared, so we\u2019re sharing a few previous worms and the timeline from patch to attack. Hopefully, this will encourage everyone to patch immediately.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"571\" height=\"147\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/wp-content\/uploads\/2019\/08\/patch-release-image.png\" alt=\"Chart showing vulnerability, patch release, and outbreak. Vulnerability: MS08-067; Patch release: October 23, 2008; Outbreak: late December 2008. Vulnerability: MS17-010; Patch release: March 14, 2017; Outbreak: May 12, 2017. Vulnerability: CVE-2019-0708; Patch release: May 13, 2019; Outbreak column shows three question marks.\" class=\"wp-image-89715\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/patch-release-image.png 571w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/patch-release-image-300x77.png 300w\" sizes=\"auto, (max-width: 571px) 100vw, 571px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"learn-more\">Learn more<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">To learn more about DART, our engagements, and how they are delivered by experienced cybersecurity professionals who devote 100 percent of their time to providing cybersecurity solutions to customers worldwide, please contact your account executive. Bookmark the\u202f<a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\" target=\"_blank\" rel=\"noopener noreferrer\">Security blog<\/a>\u202fto keep up with our expert coverage on security matters. Also, follow us at\u202f<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noopener noreferrer\">@MSFTSecurity<\/a>\u202ffor the latest news and updates on cybersecurity.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>This document is for informational purposes only and Microsoft makes no warranties, express or implied, in this blog.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>DART offers steps you can take to protect your network from BlueKeep, the \u201cwormable\u201d vulnerability that can create a large-scale outbreak due to its ability to replicate and propagate.<\/p>\n","protected":false},"author":96,"featured_media":89717,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ms_queue_id":[],"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","_alt_title":"","ms-ems-related-posts":[],"footnotes":""},"post_tag":[],"threat-intelligence":[3727],"content-type":[3663],"job-role":[],"product":[],"topic":[3674,3687],"coauthors":[2064],"class_list":["post-89714","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","threat-intelligence-attacker-techniques-tools-and-infrastructure","content-type-research","topic-incident-response","topic-threat-intelligence","review-flag-1694638271-781","review-flag-alway-1694638263-571","review-flag-percent","review-flag-summe-1694638270-916"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Protect against BlueKeep<\/title>\n<meta name=\"description\" content=\"DART offers steps you can take to protect your network from BlueKeep, the \u201cwormable\u201d vulnerability that can create a large-scale outbreak due to its ability to replicate and propagate.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Protect against BlueKeep\" \/>\n<meta property=\"og:description\" content=\"DART offers steps you can take to protect your network from BlueKeep, the \u201cwormable\u201d vulnerability that can create a large-scale outbreak due to its ability to replicate and propagate.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2019-08-08T16:00:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-30T08:57:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/DART-BlueKeep-full-size.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2000\" \/>\n\t<meta property=\"og:image:height\" content=\"1334\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Microsoft Incident Response\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/DART-BlueKeep-full-size.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Microsoft Incident Response\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/detection-and-response-team-dart\/\",\"@type\":\"Person\",\"@name\":\"Microsoft Incident Response\"}],\"headline\":\"Protect against BlueKeep\",\"datePublished\":\"2019-08-08T16:00:57+00:00\",\"dateModified\":\"2025-06-30T08:57:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/\"},\"wordCount\":546,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/DART-BlueKeep-card.jpg\",\"articleSection\":[\"Incident response\",\"Microsoft Detection and Response Team (DART)\",\"Network security\",\"Security intelligence\",\"Threat protection\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/\",\"name\":\"Protect against BlueKeep\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/DART-BlueKeep-card.jpg\",\"datePublished\":\"2019-08-08T16:00:57+00:00\",\"dateModified\":\"2025-06-30T08:57:10+00:00\",\"description\":\"DART offers steps you can take to protect your network from BlueKeep, the \u201cwormable\u201d vulnerability that can create a large-scale outbreak due to its ability to replicate and propagate.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/DART-BlueKeep-card.jpg\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/DART-BlueKeep-card.jpg\",\"width\":440,\"height\":268,\"caption\":\"Image of a man working at a laptop.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Protect against BlueKeep\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/person\/112e0d6f7a2c99efae36a4a1b2403c2d\",\"name\":\"Teri Seals-Dormer\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/c94dbb0d416ec556cf564fa18bc9ac227ba2ce7b653774bdcc4c631f793fd674?s=96&d=microsoft&r=g03d4afda56ae931a7066d88415e8df14\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c94dbb0d416ec556cf564fa18bc9ac227ba2ce7b653774bdcc4c631f793fd674?s=96&d=microsoft&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c94dbb0d416ec556cf564fa18bc9ac227ba2ce7b653774bdcc4c631f793fd674?s=96&d=microsoft&r=g\",\"caption\":\"Teri Seals-Dormer\"},\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/v-teseal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Protect against BlueKeep","description":"DART offers steps you can take to protect your network from BlueKeep, the \u201cwormable\u201d vulnerability that can create a large-scale outbreak due to its ability to replicate and propagate.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/","og_locale":"en_US","og_type":"article","og_title":"Protect against BlueKeep","og_description":"DART offers steps you can take to protect your network from BlueKeep, the \u201cwormable\u201d vulnerability that can create a large-scale outbreak due to its ability to replicate and propagate.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/","og_site_name":"Microsoft Security Blog","article_published_time":"2019-08-08T16:00:57+00:00","article_modified_time":"2025-06-30T08:57:10+00:00","og_image":[{"width":2000,"height":1334,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/DART-BlueKeep-full-size.jpg","type":"image\/jpeg"}],"author":"Microsoft Incident Response","twitter_card":"summary_large_image","twitter_image":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/DART-BlueKeep-full-size.jpg","twitter_misc":{"Written by":"Microsoft Incident Response","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/detection-and-response-team-dart\/","@type":"Person","@name":"Microsoft Incident Response"}],"headline":"Protect against BlueKeep","datePublished":"2019-08-08T16:00:57+00:00","dateModified":"2025-06-30T08:57:10+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/"},"wordCount":546,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/DART-BlueKeep-card.jpg","articleSection":["Incident response","Microsoft Detection and Response Team (DART)","Network security","Security intelligence","Threat protection"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/","name":"Protect against BlueKeep","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/DART-BlueKeep-card.jpg","datePublished":"2019-08-08T16:00:57+00:00","dateModified":"2025-06-30T08:57:10+00:00","description":"DART offers steps you can take to protect your network from BlueKeep, the \u201cwormable\u201d vulnerability that can create a large-scale outbreak due to its ability to replicate and propagate.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/DART-BlueKeep-card.jpg","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/08\/DART-BlueKeep-card.jpg","width":440,"height":268,"caption":"Image of a man working at a laptop."},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/08\/08\/protect-against-bluekeep\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"Protect against BlueKeep"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/person\/112e0d6f7a2c99efae36a4a1b2403c2d","name":"Teri Seals-Dormer","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/c94dbb0d416ec556cf564fa18bc9ac227ba2ce7b653774bdcc4c631f793fd674?s=96&d=microsoft&r=g03d4afda56ae931a7066d88415e8df14","url":"https:\/\/secure.gravatar.com\/avatar\/c94dbb0d416ec556cf564fa18bc9ac227ba2ce7b653774bdcc4c631f793fd674?s=96&d=microsoft&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c94dbb0d416ec556cf564fa18bc9ac227ba2ce7b653774bdcc4c631f793fd674?s=96&d=microsoft&r=g","caption":"Teri Seals-Dormer"},"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/v-teseal\/"}]}},"bloginabox_animated_featured_image":null,"bloginabox_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/89714","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/96"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=89714"}],"version-history":[{"count":1,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/89714\/revisions"}],"predecessor-version":[{"id":140776,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/89714\/revisions\/140776"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media\/89717"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=89714"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/post_tag?post=89714"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=89714"},{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=89714"},{"taxonomy":"job-role","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/job-role?post=89714"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/product?post=89714"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=89714"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=89714"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}