News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Do you want to protect yourself against BlueKeep, or break Visual Basic?

    Posted on August 16th, 2019 at 09:51 woody Comment on the AskWoody Lounge

    Gawd this is tiresome.

    If you read somewhere that you have to install the August patches, even though you read somewhere that you can’t install the August patches (e.g., if you use Juris), chill. The authors of those advisories are parroting things that they’ve read that they don’t understand.

    Installing patches right now is not a good idea. In very rare circumstances, you need to install a patch soon after it arrives. This isn’t one of those circumstances.

    Right now, we know for sure that these August patches break VB, VBA and VBScript in some situations. Günter Born has a good explainer, which points the finger at array handling. An anonymous follow-on post says it’s related to working with empty arrays.

    You’ll get hit if you’re using Raiser’s Edge, Financial Edge, Education Edge, Epic, Ivanti Workspace Control, or Juris. All have been mentioned by name in our forums.

    DejaBlue, on the other hand — BlueKeep II, III, IV and V — remain theoretical. They, like BlueKeep, will pose a threat at some point. But that point isn’t now.

    It looks like Metasploit is poised to add a BlueKeep module to its package at some point in the next week or two. You’re protected if you followed my instructions and have installed any Windows patch from May onward.

    Meanwhile, there are no credible reports that I can see of a BlueKeep infection. And DejaBlue? I haven’t heard of anything beyond bluescreens.

    Meanwhile, every local news show is telling people to patch now. Bah.