Microsoft warns users again to patch for wormable BlueKeep Exploit
Click here to post a comment for Microsoft warns users again to patch for wormable BlueKeep Exploit on our message forum
schmidtbag
386SX
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708
@mbk1969 :
I have to look into this issue, but disabling RDP completely is possible. Blocking port 3389 in and outbound should do it as a first countermeasure.
Soooo next-gen. 😀
DOS 7.0 with MS Word 1.0 FTW!!!
Article from MS with a table listing the KB numbers, mitigations and workarounds:
mbk1969
schmidtbag
mbk1969
waltc3
It's literally amazing to me that people run Windows and somehow fail to keep it up-to-date....! Just bizarre. Microsoft invests a lot of money in keeping Windows secure--and updates are free--and mostly automatic these days. But some people go to great lengths to avoid them because of all kinds of superstitious rumors they pick up in various places--like--"Don't take that update--it's got a virus that grabs your bank-account numbers!"--probably started by the person who wrote the real virus that the update kills, most likely...;)
schmidtbag
mbk1969
schmidtbag
mbk1969
386SX
fantaskarsef
Yxskaft
The remote desktop feature is supposed to be disabled by default anyway, you don't have to fiddle with it at all unless you've used it previously
Caesar
Here's my own (accordingly) checklist after 1903 up'-to-'date :
Turning On System Restore in Windows 10
O&O ShutUp 10 - Using a 3rd-party tool to automate the process of disabling Windows Telemetry and other phone-home services of Windows 10.
Disabling "Allow Remote Access"
Disabling Cortana
Getting rid of Suggested apps [Settings > Personalization > Start and turn off Occasionally show suggestions] in Start.
Managing Apps [From the Settings screen, Settings > Apps > Apps & Features, click an app, and click “Advanced Options.”]
....there might others that are less important or i'd missed.;)
KissSh0t
NSA: asks windows users to install new patches to protect against this new exploit.
Windows Users:
[spoiler]https://i.imgur.com/ljttKwF.jpg[/spoiler]
tsunami231
i disable remote access to, not shure if that actual stops such attacks though.
I remeber such attack back when I had XP that with in minutes of connecting to internet bad stuff started to happen, less certian patches were already there
tsunami231
Astyanax
so microsoft is scanning machines connected directly to an internet source, because a NAT enabled router won't show these as open.