Contact us today!
(518) 203-2110

Evolve IT

Evolve IT has been serving the Saratoga Springs area since 1995, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

48 Vulnerabilities Resolved On Patch Tuesday

48 Vulnerabilities Resolved On Patch Tuesday

Microsoft’s monthly Patch Tuesday issued resolutions to 48 vulnerabilities in August, including 15 that affected Windows, 25 critical flaws, 21 important flaws, and 27 that allowed for remote execution. This is a lot to consider, but the main jist of this is that lots of threats were fixed, and that your organization shouldn’t risk not implementing them as soon as possible.

Only 15 of the vulnerabilities affected Windows itself, but the others addressed issues with other Microsoft products, including Internet Explorer, Microsoft Edge, SharePoint, SQL Server, Hyper-V, and Kernel. Yet, only two of these flaws affected every single version of Windows and Windows Server, and none of them were being exploited in the wild by hackers.

One of these vulnerabilities demands your immediate attention, though, and that is the one that has your Windows Search feature in its crosshairs. This vulnerability, coded by Microsoft as CVE-2017-8620, can use the Server Management Block (SMB) to remotely control a system, be it a Windows Server unit or a Windows workstation. Since the flaw isn’t located in SMB itself, it isn’t affected by other threats like the notorious WannaCry ransomware and NotPetya.

This Windows advisory claims that the vulnerability takes advantage of the way that Windows Search works with objects in memory. A hacker can send customized messages through the Windows Search function to change user permissions. They can then take full advantage of their permissions to install, remove, or change applications on any infected device. They can also view, change, or delete any data that’s stored on it, or create a new account just for them with full administrator privileges.

A vulnerability like this is exactly what a hacker wants. They can basically take full control over a victim’s computer with minimum trouble. If you implement patches and security updates as they are released, you shouldn’t have anything to worry about. Does your business have an organized approach to implementing security patches? If not, there are solutions available that you can use to keep security at a maximum.

Outsourced IT often includes remote patching and maintenance that can be used, even by small businesses. Even better, it does this without costing your business an arm and a leg. Enterprise-level solutions are often the only way for your business to thrive in a world filled with competition, but that’s because they provide a significant benefit to your organization that you can’t afford to ignore. We can improve your network security in the same way as an internal IT department, but without the costs associated with adding new salaries to your budget. Evolve IT can help your organization implement new security solutions like remote monitoring and maintenance. To learn more, reach out to us at (518) 203-2110.

Comments

 
No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 14 November 2024
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Blog Archive

Free Consultation

Sign up today for a
FREE Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up!

Free Consultation
 

Tag Cloud

Tip of the Week Security Best Practices Technology Internet Hackers Cloud Privacy Email Productivity Business Malware Software Business Computing User Tips Hosted Solutions Microsoft Upgrade Efficiency Workplace Tips Google Computer Windows 10 IT Support Mobile Devices Innovation Smartphone Hardware Network Security Ransomware Gmail Facebook Microsoft Office Operating System Office Backup Apps Business Continuity The Internet of Things Social Media Disaster Recovery Communication Bandwidth Hacking WiFi Phishing App Mobile Device Management Money Network Mobile Computing communications Big Data Safety Managed Service Provider Unified Threat Management Outlook Quick Tips Wireless Technology Android Firewall Apple Content Filtering Cybercrime Smartphones Best Practice Website Alert Networking Data storage Data Employer-Employee Relationship Windows Experience History Two-factor Authentication Small Business Memory BYOD Downtime Office 365 Help Desk Passwords Streaming Media Visible Light Communication Saving Money Disaster Analytics Micrsooft Deep Learning Lithium-ion battery BDR intranet Business Growth Data Management Advertising Recovery Robot Vendor Management Society Social Networking Sports Public Speaking Google Wallet Spam Virtualization Information Technology Running Cable IP Address Monitors Windows 8 Internet of Things IT Services Hosted Solution Government Windows XP Keyboard Artificial Intelligence Documents Augmented Reality Displays Search User Tech Support Compliance Hard Drives Drones Shortcut Social Remote Computing End of Support DDoS Printer Browser Wireless Heating/Cooling Word Virtual Desktop Writing Unified Communications Securty Document Management Encryption VoIP Law Enforcement Business Management SaaS Competition Proactive IT Cortana Presentation Network Congestion Entrepreneur Retail Save Money Domains Music Hacker Managed IT services Cryptocurrency Laptop Application IBM Customer Service Google Docs Education Bluetooth Cleaning Holiday Black Market YouTube Processors LiFi Staffing Office Tips Automation Router
QR-Code