Pulse Technology Solutions Blog

View the blog entries posted by James Ritter. IT blogs covering cloud, security, best practices, how-tos, and more.

Your Search Bar Is Now More Secure

Your Search Bar Is Now More Secure

August saw yet another Patch Tuesday designed to resolve security issues in Microsoft products. Out of the 48 vulnerabilities resolved, 15 affected Windows, while 25 were rated as critical, 21 as important, and 27 that allowed for remote code execution. This might sound a little overwhelming, so we’ll try to simplify it a bit--a lot of flaws were fixed, and the majority of them can be considered dangerous for your organization.

Since only 15 affected Windows itself, you might be wondering where the others were applied. Other Microsoft products, including Internet Explorer, Microsoft Edge, Sharepoint, SQL Server, Hyper-V, and Kernel, all required a response from the developer. Only two of these flaws affected all versions of Windows and Windows Server, yet none of them were being exploited in the wild by hackers trying to find their next victim.

There is one vulnerability, however, that should require your immediate attention, and this is the one which targets the Windows Search function in your device. The vulnerability in question, CVE-2017-8620, can be exploited remotely via Server Management Block (SMB) to take over a system. This includes both a Windows workstation or a Windows Server unit. Thankfully, the flaw doesn’t exist in SMB itself, and is unaffected by the dangerous threats like the WannaCry ransomware and NotPetya.

According to the Windows advisory, the vulnerability is exploited through the way that Windows Search handles objects in memory. Basically, hackers can send specialized messages through Windows Search to change user permissions. Once they have done so, the possibilities are limitless. Hackers could install, remove, or change applications on the targeted device, as well as view, change, or delete data stored on it. Even scarier is the ability to create an entirely new account with full administrator privileges.

This type of vulnerability is something out of a hacker’s dream, allowing them to take full advantage of a victim’s computer with relatively little trouble. The good news is that as long as you apply the required patches and security updates, the issue can be resolved easily enough. How does your organization combat vulnerabilities? You need to implement patches and security updates in at least some capacity, as not doing anything at all is a recipe for disaster--especially with a threat as thorough as the one mentioned above. Thankfully, there is a solution for organizations that either don’t have the time or the resources to implement patches in a timely manner.

Outsourced IT services, including remote patching and maintenance, can be acquired by organizations of all sizes, without breaking your budget or dragging down operations due to maintenance. You can take advantage of enterprise-level solutions designed to help your organization optimize security, without hiring an internal IT department and adding new salaries to your budget. Pulse Technology Solutions can help your business identify and repair weaknesses in its computing infrastructure. To learn more, reach out to us at 239-362-9902.

Our clients that are subscribed to our Managed IT services will be covered and will be getting the Windows updates once it has been fully tested.

Protecting Your Data Is Easier With A VPN
What Hackers Are Looking For On Your Network
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 19 October 2017

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Cloud Business Computing Best Practices Malware Privacy Network Security Hackers Backup Productivity Managed IT Services Software IT Services Ransomware Microsoft Outsourced IT Business User Tips Internet Business Continuity Windows 10 Mobile Devices Email Computer IT Support Efficiency Google Smartphone Social Media Productivity Managed IT Data Backup Unified Threat Management Hardware Remote Monitoring Android Data Recovery Recovery Workplace Tips Disaster Recovery Hosted Solutions Work/Life Balance Communication Office 365 Data Management App Data Cybersecurity Cloud Computing Tip of the week SaaS Managed Service Provider Training Innovation Apps IT Support Save Money Managed IT Services Big Data Firewall Internet of Things Paperless Office Robot Small Business Collaboration Telephone Systems Browser IT Service Facebook Hosted Solution Smartphones Phishing How To Word Risk Management Windows Content Filtering File Sharing Password Mobile Device Twitter Artificial Intelligence Encryption Data Storage Going Green Education Taxes Virtualization Antivirus Health Virtual Private Network VoIP Websites Alert BDR Botnet Samsung Virtual Reality Uninterrupted Power Supply Money Politics Windows 10 VoIP Mobility Wireless Computer Care Hacker Vendor Management Physical Security BYOD Automobile IT Management Mobile Device Management Files Upgrades Project Management G Suite Quick Tips Statistics Maintenance Computer Repair GPS CCTV Vulnerability Employer-Employee Relationship Server Office History Bandwidth Google Drive Law Enforcement Bluetooth Tech Support IBM Remote Computing Upgrade Tracking VPN Administrator Tablet Help Desk Cabling Business Technology Avoiding Downtime Gadget Budget Emoji Corporate Profile Processors Document Management IT Consultant Business Management How To Apple Infrastructure Business Growth Lenovo Cybercrime Time Management Hacking Computing WannaCry Electronic Medical Records Unified Threat Management Mail Merge Analytics Customer Service Holiday Sports Disaster Social Superfish Unsupported Software Travel Network Management Trending Monitors Identity Theft Address Downtime Chrome Virus Wireless Technology Google Maps Scam Motion Sickness Touchscreen Information Technology Error Data loss Redundancy Sync Firefox Computers Networking Meetings Cleaning Search Private Cloud Cortana Mobile Device Managment Customer Relationship Management Crowdsourcing Telephony Solid State Drive USB Data Security Mobile Data Webcam Microsoft Office Public Cloud YouTube Supercomputer Assessment Government Legal Heating/Cooling Update Hard Disk Drive Automation Personal Information Techology Point of Sale Staffing Outlook Communications Settings Notifications IT Budget Licensing Consultation Servers Chromebook Web Server Shortcut Digital Network Digital Payment Software Tips IT Solutions Server Management Black Market Wi-Fi WiFi Cameras Patch Management Office Tips Spyware Thank You IT Consulting Emergency Congratulations Data Breach CrashOverride Technology Laws User Error Cost Management Disaster Resistance Proactive IT Hacks

Newsletter Sign Up