Protecting against “BlueBorne Vulnerability” Using Saner Solution on Windows

    Follow

    Introduction

    Over 5.3 billion devices across windows, linux, ios, and android are affected with a new attack vector called BlueBorne.
    Unless traditional attacks, this attack vector spreads over the air via Bluetooth and hacker does not need to pair with each device.

    If Bluetooth is turned on, the hacker can get control of the device, spread the malware, all process will be undetectable by the victim.

    BlueBorne Vulnerability Attack Method

    Since attacker only requires the Bluetooth to be turned on, with BlueBorne attack the infected device can further connect to infect any other device such as laptops, smart watch, smart phone or any other Bluetooth enabled device.

    There is no way of detecting or stopping the attack, as it is invisible unlike traditional attacks.

    Impact of Vulnerability:

    - Each and every device which is being infected can be delivered with a malware or ransomware.
    - The hackers can penetrate and take control of devices, and gain access to critical business related information.
    - A Ransomware attack can lead to hostage of confidential data, and can force user to pay ransom.
    - Failure in decrypting can lead to complete loss of data.

    In this article, we will cover step by step procedure to protect against “BlueBorne Vulnerability” using Saner Solution.


    Protecting against “BlueBorne Vulnerability” using Saner Solution
     

    For illustration, we have chosen “Windows 7” system.

    How to check if systems are prone to “BlueBorne Vulnerability”?

    Step1: Search for “CVE-2017-8628” from the top search bar as shown below.

     

    Step 2: After clicking on search button, if any hosts are prone to BlueBorne Vulnerability will be listed as shown below.

     

    How to remove “BlueBorne Vulnerability” using Saner solution? 

    Step 1: Click on“Command And Control” section tab. A window appears as shown below. Click on “Create command” on the top right corner.

     

    Step 2: Click on “Remediation” to remediate the vulnerability.

     

    Step 3: Select “Remediation Job”, choose a group of devices and from “Vulnerable/Non-Compliant Assets” select “Microsoft Windows 7 sp1 x86”. Checkbox “Auto Reboot” as the patch requires a reboot. Fill in Name and Description
    and click on “Add”. 

     

    Step 4: We can see the job is created. Saner will start to roll out the patch to all systems selected. Status will be
    ongoing once the job gets created.

     

    Step 5: After a while, click on status and the status will be “rebooting system”. 

     

    Step 6: Click on refresh, remediating “BlueBorne Vulnerability on Windows” will be success. which can be seen in below screenshot.

    To download the full article, please open the below pdf attachment.

    Was this article helpful?
    0 out of 0 found this helpful

    Comments