|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
-
BlueKeep now being used in attacks – but the sky isn’t falling
Remember BlueKeep – the “wormable” monster infection that was supposed to take over the Windows world?
Two months ago, I warned that there was a working exploit making the rounds.
We finally saw a slightly modified version of that Metasploit exploit used in a for-real infection. Except it isn’t nearly as scary as originally projected, doesn’t operate as a worm, and isn’t exactly taking the world by storm.
Kevin Beaumont found evidence of the infection in some honeypots he set up – but had stopped monitoring.
huh, the EternalPot RDP honeypots have all started BSOD'ing recently. They only expose port 3389. pic.twitter.com/VdiKoqAwkr
— Kevin Beaumont (@GossiTheDog) November 2, 2019
As expected, folks who have either disabled RDP or blocked port 3389 are fine. Still…
Word to the wise: If you haven’t updated your Win7 or Server 2008/Server 2008R2 machine since May, you better get on the stick.
See, there’s a reason why you have to update sooner or later.
Full details from Catalin Cimpanu at ZDNet. Thx GoneToPlaid (who just had a Tesla mode named after him).
UPDATE:
Since publishing, all BlueKeep activity that I could see has stopped.
— Kevin Beaumont (@GossiTheDog) November 4, 2019
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Recent Topics
-
Windows 11 Insider Preview build 22000.706 released to Release Preview
by 8 hours, 8 minutes ago
-
Norton website trying to save files unprompted
by 40 minutes ago
-
Passing a value to the next Mail Merge record
by 16 hours, 56 minutes ago
-
Malwarebytes Free start-up
by 5 hours, 45 minutes ago
-
Microsoft Teams, Windows 11 hacked on first day of Pwn2Own
by 17 hours, 43 minutes ago
-
DotNET 4.5 EOS โ unhide and install 4.8 on Windows 7?
by 11 hours, 11 minutes ago
-
Master Patch List as of May 19, 2022 – out of band for server auth issues
by 4 hours, 7 minutes ago
-
Flashing Screen when moving from one screen to another one
by 17 hours, 57 minutes ago
-
Bitlocker, Windows 10 Home, and Dell AIO
by 23 hours, 41 minutes ago
-
All my Spreadsheets seemed to have SHARE turned on, how do I turn it off?
by 18 hours, 32 minutes ago
-
Why is a “spam” message not in Gmail’s “all mail”
by 1 day, 5 hours ago
-
Gmail messages unaccountably will not “forward”
by 17 hours, 53 minutes ago
-
Verizon Cell hotspot device?
by 23 hours, 11 minutes ago
-
Disabling middle click paste
by 8 hours, 43 minutes ago
-
The 2022 Milky Way Photographer of the Year
by 11 hours, 35 minutes ago
-
Windows 11 is designated for broad deployment.
by 1 day, 9 hours ago
-
Manifest v3 in Firefox: Recap & Next Steps
by 18 hours, 3 minutes ago
-
Brave 1.38 for iOS Debuts Privacy Hub
by 1 day, 20 hours ago
-
Word in Office 2019 Resists Creating Hyperlinks in PDFs
by 1 day, 10 hours ago
-
Want app to delete same file on 2 other drives when I delete file on first drive
by 27 minutes ago
-
Windows 11 Insider Preview build 25120 released to DEV
by 7 hours, 46 minutes ago
-
Are you aware of Global privacy Control?
by 8 hours, 13 minutes ago
-
Webinar on AD security
by 2 days, 6 hours ago
-
The annoyances of the default behavior in Teams
by 9 hours, 55 minutes ago
-
Microsoft Mail 2FA not working
by 1 day, 7 hours ago
-
chimpstatic
by 3 days, 3 hours ago
-
Yahoo.com freezes Firefox
by 2 days, 3 hours ago
-
Ensure AltSecID attribute on the krbgt account is not populated
by 2 days, 23 hours ago
-
“Notify…” box (subscribe to topic)
by 3 days, 9 hours ago
-
Trackers may collect data that you type even before hitting submit
by 2 days, 8 hours ago
