Windows users remain exposed to new threats that can spread from computer to computer without any action on the user's part.
Microsoft recently disclosed two new vulnerabilities affecting Remote Desktop Services. The company released a security update on Aug. 13 and is urging users to install the patch immediately. Microsoft's release, with a link to the security update, is available here.
This follows a similar vulnerability disclosed in May, which led Microsoft to warn that such vulnerabilities are "wormable" and could affect nearly 1 million computers connected directly to the internet.
“It only takes one vulnerable computer connected to the internet to provide a potential gateway into these corporate networks, where advanced malware can spread, infecting computers across the enterprise,” Microsoft reported in a previous blog.
The flaw affects systems that use the Remote Desktop Services feature, which lets you control a Windows machine remotely over a network, including the internet. Many companies use it to provide support and to manage large numbers of computers.
“At Christian Brothers Services, we watch over all of our computer servers and all devices in use by our employees to ensure all updates and patches are promptly applied,” said Tom Drez, chief information, privacy and security officer, and CBS managing director.
In many cases, CBS turns on automatic updates for an item of hardware or software so that updates are applied as soon as the manufacturer releases them. In other cases, CBS maintains an inventory of IT assets and uses it as a checklist to make sure each asset is updated regularly.
Drez says the episode is a lesson in why becoming versed in cybersecurity is increasingly important and why adopting sound practices is essential.
“Practicing good IT risk management includes implementing reasonable, appropriate and prudent cybersecurity controls,” said Drez. “Cybersecurity is a very large topic that can be daunting when it comes to deciding where to begin. A very good place to start is to focus on basic hardware and software updates.”
He explains that for every item of hardware, such as a desktop or laptop computer, and every item of software, such as Microsoft Office or Adobe Acrobat, the manufacturer likely provides updates that include usability enhancements, bug fixes and security fixes. Recommended practice is to obtain and install all of these updates as soon as the manufacturer makes them available. Many cybersecurity incidents occur on hardware and software that has not been updated, a process also known as patching.
“The bad actors know that not everyone updates their hardware and software regularly, so they are able to prey on old, known vulnerabilities for multiple years. Don’t make yourself an easy target. Apply all of your manufacturer updates and patches promptly when they are released,” recommends Drez.
The affected versions of Windows are Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, and all supported versions of Windows 10, including server versions.
Windows XP, Windows Server 2003 and Windows Server 2008 are not affected, nor is the Remote Desktop Protocol (RDP) itself affected.
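The inventory checklist Drez describes and the affected-version list above can be turned into a per-host triage check. The script below is an added example, not code from the article, Christian Brothers Services or Microsoft: it reports whether the local machine falls within the affected versions, whether Remote Desktop is enabled and actually listening, whether Network Level Authentication is required, and whether a named update is installed. The KB number is a placeholder parameter (this article does not list one); take the real KB identifiers from Microsoft's Aug. 13 release and pass them with -KB.

```powershell
# Added triage example (not from the article or Microsoft).
# Usage: .\Test-RdpPatchState.ps1 -KB 'KB<number>','KB<number>'
param(
    # Placeholder only: replace with the KB IDs listed in Microsoft's Aug. 13 release.
    [string[]]$KB = @('KB0000000')
)

$os    = Get-CimInstance Win32_OperatingSystem
$build = [int]$os.BuildNumber

# Affected per the article: Windows 7 SP1 / Server 2008 R2 SP1 (build 7601),
# Server 2012 (9200), Windows 8.1 / Server 2012 R2 (9600), and all supported
# Windows 10 / Windows Server builds (10240 and later).
# Not affected per the article: XP (2600), Server 2003 (3790), Server 2008 (6001/6002).
$inScope = ($build -in @(7601, 9200, 9600)) -or ($build -ge 10240)

# Remote Desktop configuration lives in the Terminal Server registry keys.
$ts  = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$tcp = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$rdpEnabled = ($ts.fDenyTSConnections -eq 0)
$nla        = ($tcp.UserAuthentication -eq 1)   # Network Level Authentication required
$port       = [int]$tcp.PortNumber              # 3389 unless an admin changed it

# Is anything actually listening on the RDP port? Get-NetTCPConnection exists on
# Windows 8 / Server 2012 and later; fall back to netstat on Windows 7 / 2008 R2.
$listening = $false
if (Get-Command Get-NetTCPConnection -ErrorAction SilentlyContinue) {
    $listening = [bool](Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue)
} else {
    $listening = [bool](netstat -an | Select-String ":$port\s+.*LISTENING")
}

# Get-HotFix lists installed updates by KB identifier.
$installed = Get-HotFix | Where-Object { $_.HotFixID -in $KB }

[pscustomobject]@{
    Host        = $env:COMPUTERNAME
    OS          = $os.Caption
    Build       = $build
    InScope     = $inScope
    RDPEnabled  = $rdpEnabled
    NLARequired = $nla
    RDPPort     = $port
    Listening   = $listening
    PatchFound  = [bool]$installed
    NeedsAction = ($inScope -and $rdpEnabled -and -not $installed)
} | Format-List
```

Run it on each host in the asset inventory (or through Invoke-Command against a list of computer names) and act first on any host where NeedsAction is True and Listening is True, since those are the machines reachable over the network before the patch is applied. A PatchFound value of False with a placeholder KB means only that the placeholder was not matched, so fill in the real identifiers before trusting that column.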
For more information regarding cybersecurity, check in with CBS preferred vendor, Stridium Cybersecurity Advisors at https://www.cbservices.org/stridium.html and read more on cybersecurity on the CBS Blog.