News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Still no DejaBlue exploits generally available

    Posted on August 20th, 2019 at 07:59 woody Comment on the AskWoody Lounge

    And, in spite of what you’ve read, there are no DejaBlue attacks in the offing. Lots of people have posted “Proof of Concept” code on GitHub. A couple of bluescreen generators, but none of the publicly available exploits actually work.

    @MalwareTech has a new blog post analyzing the two DejaBlue CVEs:

    In August 2019 Microsoft announced it had patched a collection of RDP bugs, two of which were wormable. The wormable bugs, CVE-2019-1181 & CVE-2019-1182 affect every OS from Windows 7 to Windows 10. There is some confusion about which CVE is which, though it’s possible both refer to the same bug. The vulnerable code exist in both the RDP client and server, making it possible to exploit in either direction.

    His sample code crashes the system, but doesn’t infect.