It’s Not BlueKeep and It’s Not Spreading Yet – But Listen Up!

By | August 14, 2019
Print Friendly, PDF & Email

 

 

It’s Not BlueKeep and It’s Not Spreading Yet – But Listen Up!

We have received several emails from folks who have read dire scary warnings that “800 million” Windows 10 computers are vulnerable to BlueKeep. That’s simply not true. Here’s why: Windows 10 is not vulnerable to BlueKeep,  It is, however, vulnerable to two BlueKeep-like “wormable attacks” that can spread from computer to computer.

But the way the articles were written, it made it sound like 800 million Windows 10 computer were on the frontlines of a major wormable attack. This kind of “the-sky-is-falling-journalism” certainly attracts readers and keeps the revenue rolling in, but it doesn’t help keep people safer. Panic is always logic’s worst enemy. 

Sure the vulnerability is real, but it’s not spreading yet – not a single computer “in-the-wild” (meaning generally, Windows computers connected to the Internet) has yet been infected, but it’s coming –  and it’s only a matter of time. 

There’s no need to panic, is you’re using Windows 10 you’ll get the patches automatically via Windows Update.

Here’s an article from ZDNet (August 13, 2019):

Microsoft said today it patched two new major security flaws in the Windows Desktop Services package.

These two vulnerabilities are similar to the vulnerability known as BlueKeep (CVE-2019-0708). Microsoft patched BlueKeep in May and warned that attackers could abuse it to create “wormable” attacks that spread from one computer to another without user interaction.

Today, Microsoft said it patched two other BlueKeep-like security flaws, namely CVE-2019-1181 and CVE-2019-1182.

Just like BlueKeep, these two new bugs are wormable, and they also reside in the Windows Remote Desktop Services (RDS) package.

Unlike BlueKeep, these two cannot be exploited via the Remote Desktop Protocol (RDP), which is normally part of the bigger RDS package.

AFFECTED VERSIONS
“The affected versions of Windows are Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, and all supported versions of Windows 10, including server versions,” said Simon Pope, Director of Incident Response at the Microsoft Security Response Center (MSRC).

“Windows XP, Windows Server 2003, and Windows Server 2008 are not affected,” he said.

Pope said Microsoft found these vulnerabilities internally, while trying to harden and improve the security posture of the RDS package…

ZDNet

Before you read more into that than there is and wish you would have stayed with Windows XP, XP was vulnerable to BlueKeep, and Microsoft, to prevent BlueKeep from spreading from infected machines to other vulnerable machines, patched Windows XP computers, though XP has long since passed its end-of-life date.

The moral to the story? It’s OK to delay versions update (like updating from Windows 10 Version 1809 to Version 1903), but it’s not OK to prevent or delay regular Windows Updates. Regular Windows updates are important because they often contain security patches and bug fixes.  So, delay version updates if you wish, but make sure you install all other Windows updates.

 

5 thoughts on “It’s Not BlueKeep and It’s Not Spreading Yet – But Listen Up!

  1. Larry Hubble

    Hey, I have been getting these notices telling me that the current version of the April Windows 10 ends in November, do I want to restart now, restart tomorrow, or set a date to restart. I didn’t know which was true because it came up as a little box in the corner like so many notices do. Is this true, or is this just a scam. When I check my settings, it says that my version of Windows 10 is as it should be. Just wondered if this is true or something just going around, I selected that I would pick another date besides right now or tomorrow, Is there anything I should so?

    Reply
    1. infoave Post author

      Hi Larry, Those are real notifications. Not sure what you mean by your version of Windows 10 is as it should be. The current version of Windows 10 is Version 1903. You can tell what version of Windows you have this way: Type WINVER into the taskbar search and press Enter.

      If your version of Windows 10 is version 1803, you should keep in mind that Windows 10’s (1803) End-of-servicing date is November 12, 2019. That means after November 12, 2019, those using Windows 10 version 1803 will no longer receive updates. So, you still have time to upgrade to the current version of Windows 10.

      From what we’ve seen it looks like most of the kinks and bugs have been worked out of Version 1903 (May 2019 Update) so, you shouldn’t have any problems with it. Keep in mind the update can take 45 minutes to several hours. So, it would be best to do it when you aren’t going to be using your PC.

      Reply
  2. Dawn Campbell

    Let me tell you no matter how bad your computer becomes do not ever RESET! I am the stupidest person on this earth for doing that. It is 10 times worse than trying to get a brand new computer working how you like it. Into the electronic recycle this one will go.

    Reply
    1. infoave Post author

      We have reset our personal computers many times and it worked exactly as expected. We’ve also helped with resetting more than a dozen computers and the results were as expected. In every case, personal files we retained, all programs were removed, and Windows was reinstalled.

      A reset is supposed to remove all your programs, that’s how it works. If you were infected with malware, ransomware, or something else, then a reset would remove those as well.

      Not sure what you expected a reset to do, but we’ve done resets several times on our own computers and we knew what to expect and we’re both glad we did it.

      Resets are covered here

      We’ve had excellent results with our own PCs and many other PCs on which we’ve initiated a reset. It gives Windows users a chance to start over without losing their personal files. Of course, we still recommend keeping good backups- just in case.

      Reply
  3. Rose Smith

    Well, if I have to update to Version 1903 by 11/12/19 it appears I’m between a rock and a hard spot. When my computer updated last week to Version 1903 I lost all sound. I worked all the next day trying to fix it and finally had to go back to Version 1803.
    What should I do?

    Reply

Leave a Reply to Rose Smith Cancel reply

Your email address will not be published. Required fields are marked *