The VMware Carbon Black Tech Zone is live! Checkout this great resource: Mastering Carbon Black Audit & Remediation.

Check Devices for BlueKeep Vulnerability

Description: Query looks for Devices that are vulnerable to the BlueKeep Windows vulnerability (CVE-2019-0708) more details: . This affects Windows 7 and Windows 2008 server and below which a lot of organizations still use. This doesn't affect Windows 10, server 2012 and above. Useful to find and patch devices as the exploit is available in Metasploit which is readily available to the public.

What The Data Shows: Data provides a list of devices that do not have the KB installed that mitigates against this this vulnerability. Listing only Vulnerable devices we aren't worried about the devices that have the update installed.


FROM patches WHERE 'KB4499180' OR 'KB4499175'
NOT IN (SELECT hotfix_id FROM patches);
1 Comment
Carbon Black Employee
Status changed to: Approved