Newsletter Archives
-
Update: The “wormable” Win XP/Win7 RDP security hole, BlueKeep, still hasn’t been cracked
Forgive me for joining the Chicken Little crowd a couple of weeks ago and recommending that all of you folks running
- Windows XP (including Embedded)
- Windows Server 2003, Server 2003 Datacenter Edition
- Windows 7
- Windows Server 2008, Server 2008 R2
install the latest patches for the “wormable” RDP security hole. (The hole is tracked as CVE-2019-0708; Kevin Beaumont has taken to calling it “BlueKeep” and the name seems to have caught on.)
Fortunately, I’m not aware of any problems arising from installing the patches. Unfortunately (???), the pressing need just wasn’t there.
Why? It turns out that turning BlueKeep into a working exploit is a very difficult job. According to Beaumont:
https://twitter.com/GossiTheDog/status/1133812261909422086
I’ve asked every expert I can find about an obvious solution — isn’t it sufficient to simply turn off the Remote Desktop Protocol in the user interface? (In Win7, Start > Control Panel > System and Security > System > Remote settings; in the System Properties dialog box, click Don’t allow connections to this computer.) That, and/or blocking port 3389 (the port RDP uses by default), should be enough to keep any RDP-related malware at bay. At least, it appears that way to me.
But I haven’t received a positive response from any of those experts. The ones who know ain’t sayin’. And the ones who probably do know aren’t willing to stick their necks out. It’s hard to fault them: Microsoft hasn’t provided any guidance on the matter, one way or another, so if blocking RDP ends up being insufficient — no matter how logical — there’s a lot of exposure to the person making the recommendation.
I’ll keep you posted as I hear more, but it looks like the Sky Ain’t Fallin’.
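For readers who want to check the two mitigations above on a machine rather than click through System Properties, here is a PowerShell script I've added to this archive page; it is not from Microsoft and not from the original newsletter. It reads the same switch the Control Panel radio button flips (the fDenyTSConnections registry value), reports whether Network Level Authentication is required (NLA makes an unauthenticated client authenticate before a session is set up, which is why it is worth checking alongside the on/off switch), and reads the port the RDP listener is actually configured on, because a firewall rule for 3389 does nothing for a listener that was moved to another port. With -Remediate it turns RDP off, requires NLA, and adds a Windows Firewall block for the configured port. It assumes Windows 7 or Server 2008 R2 with PowerShell 2.0 or later, the default RDP-Tcp listener, and an elevated prompt; the firewall rule name is one chosen here, not a Windows default.

```powershell
# Added example (not from the newsletter or from Microsoft): audit, and with
# -Remediate close, the RDP exposure on a Win7 / Server 2008 R2 host.
# Assumptions: default RDP-Tcp listener, elevated prompt, PowerShell 2.0+.
param([switch]$Remediate)

$ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$tcp = "$ts\WinStations\RDP-Tcp"

# 1. Is RDP enabled?  fDenyTSConnections = 1 is the registry form of
#    "Don't allow connections to this computer" in System Properties.
$deny = (Get-ItemProperty -Path $ts -Name fDenyTSConnections).fDenyTSConnections

# 2. Is Network Level Authentication required?  UserAuthentication = 1 means a
#    client must authenticate before a full session is established.
$nla = (Get-ItemProperty -Path $tcp -Name UserAuthentication -ErrorAction SilentlyContinue).UserAuthentication

# 3. Which port is the listener configured on?  Blocking 3389 at the firewall
#    does nothing if the listener was moved to another port.
$port = (Get-ItemProperty -Path $tcp -Name PortNumber).PortNumber

# 4. Is anything currently listening on that port?  (Parses netstat output;
#    lines look like "TCP    0.0.0.0:3389    0.0.0.0:0    LISTENING    1234".)
$listening = netstat -ano | Select-String "TCP\s+\S+:$port\s+\S+\s+LISTENING"

New-Object PSObject -Property @{
    RdpDisabled   = ($deny -eq 1)
    NlaRequired   = ($nla -eq 1)
    RdpPort       = $port
    PortListening = [bool]$listening
} | Format-List

if ($Remediate) {
    # Turn RDP off: same effect as the Control Panel radio button.
    Set-ItemProperty -Path $ts -Name fDenyTSConnections -Value 1

    # Require NLA so that, if RDP is ever re-enabled, unauthenticated clients
    # cannot reach a full session.
    Set-ItemProperty -Path $tcp -Name UserAuthentication -Value 1

    # Block inbound TCP to the configured RDP port.  netsh is used because the
    # New-NetFirewallRule cmdlet only exists on Windows 8 / Server 2012 and later.
    # The rule name is chosen here (hypothetical), not a Windows default.
    netsh advfirewall firewall add rule name="Block RDP inbound (BlueKeep)" dir=in action=block protocol=TCP localport=$port

    # Drop any existing listener state rather than waiting for the next reboot.
    Restart-Service -Name TermService -Force
}
```

Run it once without switches to see where a machine stands; if RdpDisabled is False or PortListening is True on a box that has no business serving RDP, run it again with -Remediate. Note that this closes the door on the host; it is not a substitute for the patch, since a machine that later has RDP re-enabled, or that is reached from inside the network by something that already has a foothold, is back where it started.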
-
There’s now a freely available proof of concept exploit for the “wormable” WinXP/Win7 bug
But it isn’t yet capable of inflicting damage
https://twitter.com/GossiTheDog/status/1130425920987303936