News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Even though there’s a BlueKeep exploit for sale, it doesn’t work very well – doesn’t propagate, for example

    Posted on July 29th, 2019 at 09:37 woody Comment on the AskWoody Lounge

    Catalin Cimpanu wrote in ZDNet on Friday that there’s a “weaponized” BlueKeep exploit available if you have the cash.

    (More BlueKeep info here.)

    There are several reasons why I didn’t raise the alarm, among them one comment from the folks selling the “pen test” exploit:

    our version is not self-propagating (a worm)

    It’s ostensibly only used to test your system to see if it’s vulnerable to BlueKeep-style exploits.

    A couple of hours ago, Kevin Beaumont (who invented the name “BlueKeep” and is following it intently) reinforced my reticence:

    Still nothing to worry about. But for heavens sake, if you run a Win7, Vista, XP or related server, and you haven’t installed any patches since May, you need to get patched NOW.

    If that helped, take a second to support AskWoody on Patreon