KT Connections Blog

KT Connections has been serving the Rapid City area since 1997, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

48 Vulnerabilities Resolved On Patch Tuesday

48 Vulnerabilities Resolved On Patch Tuesday

Microsoft’s monthly Patch Tuesday issued resolutions to 48 vulnerabilities in August, including 15 that affected Windows, 25 critical flaws, 21 important flaws, and 27 that allowed for remote execution. This is a lot to consider, but the main jist of this is that lots of threats were fixed, and that your organization shouldn’t risk not implementing them as soon as possible.

Only 15 of the vulnerabilities affected Windows itself, but the others addressed issues with other Microsoft products, including Internet Explorer, Microsoft Edge, SharePoint, SQL Server, Hyper-V, and Kernel. Yet, only two of these flaws affected every single version of Windows and Windows Server, and none of them were being exploited in the wild by hackers.

One of these vulnerabilities demands your immediate attention, though, and that is the one that has your Windows Search feature in its crosshairs. This vulnerability, coded by Microsoft as CVE-2017-8620, can use the Server Management Block (SMB) to remotely control a system, be it a Windows Server unit or a Windows workstation. Since the flaw isn’t located in SMB itself, it isn’t affected by other threats like the notorious WannaCry ransomware and NotPetya.

This Windows advisory claims that the vulnerability takes advantage of the way that Windows Search works with objects in memory. A hacker can send customized messages through the Windows Search function to change user permissions. They can then take full advantage of their permissions to install, remove, or change applications on any infected device. They can also view, change, or delete any data that’s stored on it, or create a new account just for them with full administrator privileges.

A vulnerability like this is exactly what a hacker wants. They can basically take full control over a victim’s computer with minimum trouble. If you implement patches and security updates as they are released, you shouldn’t have anything to worry about. Does your business have an organized approach to implementing security patches? If not, there are solutions available that you can use to keep security at a maximum.

Outsourced IT often includes remote patching and maintenance that can be used, even by small businesses. Even better, it does this without costing your business an arm and a leg. Enterprise-level solutions are often the only way for your business to thrive in a world filled with competition, but that’s because they provide a significant benefit to your organization that you can’t afford to ignore. We can improve your network security in the same way as an internal IT department, but without the costs associated with adding new salaries to your budget. KT Connections can help your organization implement new security solutions like remote monitoring and maintenance. To learn more, reach out to us at 605-341-3873.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, 21 October 2017
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Privacy Technology Email Internet Business Computing Cloud malware hackers Google Network Security software Efficiency Ransomware Backup Data Business Microsoft User Tips Hosted Solutions Network IT Support Mobile Device Management Managed IT Services Computer Android Smartphone Small Business Productivity Windows IT Support Data Management Windows 10 Cloud Computing Business Continuity Operating System Mobile Devices Money Facebook Hardware communications Unified Communications Social Media Data storage Internet of Things BDR Gmail Passwords Upgrade IT Services security cameras VoIP Disaster Recovery Antivirus Encryption End of Support data breach Alert Apple Business Management IT Management Phishing Outsourced IT Bandwidth Microsoft Office Outlook App IoT Automation Windows 10 WiFi Server YouTube Customer Service Search Best Practice IBM Google Wallet Google Maps Legal cybersecurity Nextiva Scam Spam Start Menu Communication Lunch and Learn Data Recovery Hard Drive security solutions Drones Events History Save Money Firewall Data Backup SaaS Saving Money Word Information Technology Event Marketing Productivity Local Buzz vulnerability Artificial Intelligence Innovation Networking South Dakota Managed IT Services Law Enforcement Big Data Robot Smartphones The Internet of Things Apps Politics BYOD Samsung Managed Service Provider Education Memory Cache Office 365 Fortinet Internet Connected Devices communication solutions VoIP Experience Lawyers Webcam IT Strategy Business Growth IT for Oil Companies vulnerabilities Tablets Virtualization Emergency Remote Monitoring identity theft botnet attack Network Congestion camera Laptop Microsoft Bookings Business Security Sports Deep Learning IT Solutions Microsoft Office 365 Administration Remote Computing Risk Management Wireless Technology Dell ’s Sonicwall Global Management System Tablet Business Technology LiFi media experience Communications botnet macbook booking process Printing Time Management Hack Office Password Attorneys Streaming Media Microsoft Office 365 features Kaseya Society SOX Disaster Visible Light Communication information Phone System DDoS attacks Google Docs Vendor Management Event Unified Threat Management Windows 8 Information Security Managed Services Windows XP Solid State Drive Kaseya Connect Sarbanes-Oxley Act Website Computer Care Flash Hardware as a Service DDoS Compliance Monitors security precautions Mixer enterprise productivity software Tech Support Email Security Hosted Solution Conference End User Testing Running Cable Knowledge Advertising Chamber of Commerce Settings HaaS Browser Displays Vendors Uninterrupted Power Supply Business Comunications Printer password manager LastPass VPN Virtual Desktop Press Release News Cabling Tech Terms Vendor Mangement How To Workplace Tips Proactive IT Community Involvement Data Protection Fast food Touchscreen Document Management user confidence Bluetooth Digital Quick Tips face Update Access Control Business Mangement Office Tips Penetration Testing Music Download Corporate Profile Cryptocurrency Websites Patch Management Safety Access surveillance cameras Programming Worker Data Security Rebrand Content Filtering Writing Phishing Scams healthcare Cloud Backup Cleaning Government Software as a Service Hacking File Sharing LastPass Redundancy Spyware Trend Micro Rapid City AtomBombing Web Servers Audit Applications communication device Google Drive Managed IT IT Consultation Black Market tool Virtual Machines Local Technology Virtual Reality Virus Workers Project Management Physical Security Analytics Google Play Store IoT Devices appointment Internet 101 Maintenance Social Tips and Tricks business owner Telephony Law IT Collaboration Retail IT Assessment Gadgets Risk Creep Sales Tax Banking CCTV Employer-Employee Relationship Messenger Sync Web Server 3D Printing Private Cloud Users Microchip IT service Phone Systen Books Meetings Cost Management In Internet of Things Motion Sickness Ordinary Computers Budget Mobility Emails Reading Work/Life Balance Tracking quantum computers CrashOverride Machine Learning Hiring/Firing Bring Your Own Device Relocation Downloads Supercomputer Administrator Wi-Fi collaboration capabilities Hacker IT Consultant base infrastructure network security professionals Documents Marketing Hacks Automobile Holiday Training Text Messaging security solution Playbook PDF Unified Threat Management Notifications Business Metrics Computing Social Engineering end-of-support date Employer Employee Relationship Digital Payment breach methods holiday season Chromebook Language Rental Service UTM Flexibility Public Cloud Taxes holidays Cortana Miscellaneous Threat management Reliable Computing Paperless Office scammers Twitter Distributed Denial of Service Scalability Telephone Systems scams G Suite Computer Malfunction Travel Processors Health