It’s time to disconnect RDP from the internet

Minimalist · Dec 17, 2019

While the BlueKeep (CVE-2019-070 vulnerability has not, to date, caused widespread havoc, and we will be looking at the reasons why in this post, it is still very early in its exploitation life cycle. The fact remains that many systems are still not patched, and a thoroughly wormable version of the exploit might still be found. Because of these factors, ESET has created a free utility to check if a system is vulnerable.
Click to expand...

https://www.welivesecurity.com/2019/12/17/bluekeep-time-disconnect-rdp-internet/

Sampei Nihira · Dec 17, 2019

I wonder if this tool only checks if the patch is present or checks in depth if RDP is disabled.
Verification with Windows XP is inefficient.

Minimalist · Dec 17, 2019

Sampei Nihira said: ↑

I wonder if this tool only checks if the patch is present or checks in depth if RDP is disabled.
Verification with Windows XP is inefficient.
Click to expand...

I guess it checks if patch has been applied:

This program has been tested against 32-bit and 64-bit versions of Windows XP, Windows Vista, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008 and Windows Server 2008 R2 before and after applying Microsoft’s updates for BlueKeep.
Click to expand...

https://www.welivesecurity.com/2019...ct-rdp-internet/#eset-bluekeep-detection-tool

Sampei Nihira · Dec 17, 2019

Minimalist said: ↑

I guess it checks if patch has been applied:

https://www.welivesecurity.com/2019...ct-rdp-internet/#eset-bluekeep-detection-tool
Click to expand...

Often I can't use these tools probably for my overly protective settings.
As you can see, it doesn't work in my PC:

https://msfn.org/board/topic/180831-it%E2%80%99s-time-to-disconnect-rdp-from-the-internet/

Page42 · Dec 17, 2019

Minimalist said: ↑

I guess it checks if patch has been applied
Click to expand...

Seems to be the case when I ran the tool.

Minimalist · Dec 18, 2019

@Page42 Yes, I get similar result.

Page42 · Dec 18, 2019

I have had Remote Desktop Services disabled in Services for quite a long time, as well.

Minimalist · Dec 18, 2019

Yes, I have them disabled also. There's no reason running them if one doesn't need it

Log in or Sign up

It’s time to disconnect RDP from the internet

Minimalist Registered Member

Sampei Nihira Registered Member

Minimalist Registered Member

Sampei Nihira Registered Member

Page42 Registered Member

Minimalist Registered Member

Page42 Registered Member

Minimalist Registered Member

Log in or Sign up

It’s time to disconnect RDP from the internet

Minimalist Registered Member

Sampei Nihira Registered Member

Minimalist Registered Member

Sampei Nihira Registered Member

Page42 Registered Member

Minimalist Registered Member

Page42 Registered Member

Minimalist Registered Member

Useful Searches