• Do you want to protect yourself against BlueKeep, or break Visual Basic?

    Posted on August 16, 2019 at 09:51 CDT by Comment in the Forums

    Gawd this is tiresome.

    If you read somewhere that you have to install the August patches, even though you read somewhere that you can’t install the August patches (e.g., if you use Juris), chill. The authors of those advisories are parroting things that they’ve read that they don’t understand.

    Installing patches right now is not a good idea. In very rare circumstances, you need to install a patch soon after it arrives. This isn’t one of those circumstances.

    Right now, we know for sure that these August patches break VB, VBA and VBScript in some situations. Günter Born has a good explainer, which points the finger at array handling. An anonymous follow-on post says it’s related to working with empty arrays.

    You’ll get hit if you’re using Raiser’s Edge, Financial Edge, Education Edge, Epic, Ivanti Workspace Control, or Juris. All have been mentioned by name in our forums.

    DejaBlue, on the other hand — BlueKeep II, III, IV and V — remain theoretical. They, like BlueKeep, will pose a threat at some point. But that point isn’t now.

    It looks like Metasploit is poised to add a BlueKeep module to its package at some point in the next week or two. You’re protected if you followed my instructions and have installed any Windows patch from May onward.

    Meanwhile, there are no credible reports that I can see of a BlueKeep infection. And DejaBlue? I haven’t heard of anything beyond bluescreens.

    Meanwhile, every local news show is telling people to patch now. Bah.

    Windows Patches/Security ,
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    March 2025
    S M T W T F S
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.