Bluekeep and DejaBlue: two vulnerabilities of the Remote Desktop Protocol (RDP) within Microsoft Windows systems

08/12/2020


Recently, several vulnerabilities around the Remote Desktop Protocol (RDP) within Microsoft Windows systems were disclosed (Bluekeep and DejaBlue). While these vulnerabilities apply to all Illumina systems, there have been no reported infections of Illumina systems.

How to Secure Your Systems

  • As recommended in the Illumina Security Best Practices Guide, RDP should be disabled on all Illumina instruments.
  • More details about the BlueKeep vulnerability can be found here.
  • More details about the DejaBlue vulnerability can be found here.

Note: the BlueKeep RDP patch applies to only instruments running on Windows 7, while DejaBlue RDP patch applies to all instruments and Windows operating systems.

For DejaBlue, Illumina recommends the application of the specific patch for your instrument. Use the table below to select the appropriate patches. Due to prerequisites, the patches should be installed in numerical order (eg, Patch 1 first, Patch 2 second, Patch 3 (as applicable) last).

Operating System PATCH 1 PATCH 2 PATCH 3
Windows 10

Patch1

2019-09 Servicing Stack Update for Windows 10 Version 1607 for x86-based Systems (KB4512574)

Patch2

2019-07 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4512517)

N/A
Windows 7

Patch1

2019-09 Security Update for Windows Embedded Standard 7 for x64-based Systems (KB4474419)

Patch2

2019-03 Servicing Stack Update for Windows Embedded Standard 7 for x64-based Systems (KB4490628)

Patch3

2019-08 Security Only Quality Update for Windows Embedded Standard 7 for x64-based Systems (KB4512486)

 

The security of your data and systems is paramount to Illumina. If you have additional questions regarding security recommendations from Illumina or about RDP on your Illumina systems, refer to the Illumina Security Resources & Best Practices page on the Illumina website or contact techsupport@illumina.com.