CVE-2019-0708

[Dublin70]

I would like to download this patch for my win7 desktop but can't seem to find it. It did not come with a recent windows update. "Patches are currently available for Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008 -- the Windows versions vulnerable to BlueKeep attacks".        This is from zdnet. Can someone guide me to the download site. I have not had any luck. Thanks.

[Malwarebytes]

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes 3 Help forum.

 

If you are having technical issues with our Windows product, please do the following: 

Spoiler

If you haven’t already done so, please run the Malwarebytes Support Tool and then attach the logs in your next reply:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

1. Download Malwarebytes Support Tool
2. Once the file is downloaded, open your Downloads folder/location of the downloaded file
3. Double-click mb-support-X.X.X.XXXX.exe to run the program
   • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
4. Place a checkmark next to Accept License Agreement and click Next
5. You will be presented with a page stating, "Get Started!"
6. Click the Advanced tab on the left column
   
7. Click the Gather Logs button
   
8. A progress bar will appear and the program will proceed with getting logs from your computer
   
9. Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK
10. Please attach the file in your next reply. Before submitting your reply, be sure to enable "Notify me of replies" like so:
       

Click "Reveal Hidden Contents" below for details on how to attach a file:
 

Spoiler

To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button.

 

One of our experts will be able to assist you shortly.

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

• Renewals
• Refunds (including double billing)
• Cancellations
• Update Billing Info
• Multiple Transactions
• Consumer Purchases
• Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/community/consumer/pages/contact-us to get help

If you need help looking up your license details, please head here: https://support.malwarebytes.com/docs/DOC-1264 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

 

[exile360]

Greetings,

As long as you installed the most recent monthly rollup for your OS then you already have this patch installed as it was included in the rollup for Windows 7.  This is how most Windows 7 users received the patch through Windows Update.  You can learn more in this Microsoft article.

[David H. Lipman]

RE:   Prevent a worm by updating Remote Desktop Services

[exile360]

By the way, if you wish to confirm it, this patch was included in the following monthly rollups:

KB4499164
KB4499175

Just check your update history to verify that one of those is installed and you're all set  

[Dublin70]

Great - I do have 164. Phew. thanks to all.

[exile360]

You're welcome

By the way, if like me you don't use Remote Desktop you may disable it to prevent any hackers from using it, including in case any further vulnerabilities are discovered in it in the future that we don't know about yet.  You'll find instructions on how to do so in this Lifewire article.  You can also take things even further than that if you're truly paranoid (as I am) by disabling any networking components you do not need or use.  Details about doing so can be found in my post here.

I disable all remote, sharing and IPv6 components since I simply connect my system directly to the web through my wireless router/modem.  Because of this I was already immune to this vulnerability long before Microsoft ever patched it since all Remote Desktop components were already disabled on my system.  The same was true of WannaCry when it was spreading via the EternalBlue SMB exploit as I already had SMB disabled on all my network connections.  Why Microsoft leaves so many remote/sharing features active by default in their operating systems when they know full well that only a very limited number of users actually use them I will never know.  It's particularly concerning since those who would use them must know enough about computers to know how to enable them anyway since setting up such things for use isn't exactly transparent without guidance (and such guidance could just as easily document how to install/enable these features to begin with), not to mention the performance gains from not running unnecessary services and networking components all the time in the background and on system startup.  Had they done so, the WannaCry incident would have never happened and they wouldn't have had to scramble to patch every OS under the sun (including the unsupported Windows XP).