KT Connections Blog

KT Connections has been serving the Rapid City area since 1997, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

48 Vulnerabilities Resolved On Patch Tuesday

48 Vulnerabilities Resolved On Patch Tuesday

Microsoft’s monthly Patch Tuesday issued resolutions to 48 vulnerabilities in August, including 15 that affected Windows, 25 critical flaws, 21 important flaws, and 27 that allowed for remote execution. This is a lot to consider, but the main jist of this is that lots of threats were fixed, and that your organization shouldn’t risk not implementing them as soon as possible.

Only 15 of the vulnerabilities affected Windows itself, but the others addressed issues with other Microsoft products, including Internet Explorer, Microsoft Edge, SharePoint, SQL Server, Hyper-V, and Kernel. Yet, only two of these flaws affected every single version of Windows and Windows Server, and none of them were being exploited in the wild by hackers.

One of these vulnerabilities demands your immediate attention, though, and that is the one that has your Windows Search feature in its crosshairs. This vulnerability, coded by Microsoft as CVE-2017-8620, can use the Server Management Block (SMB) to remotely control a system, be it a Windows Server unit or a Windows workstation. Since the flaw isn’t located in SMB itself, it isn’t affected by other threats like the notorious WannaCry ransomware and NotPetya.

This Windows advisory claims that the vulnerability takes advantage of the way that Windows Search works with objects in memory. A hacker can send customized messages through the Windows Search function to change user permissions. They can then take full advantage of their permissions to install, remove, or change applications on any infected device. They can also view, change, or delete any data that’s stored on it, or create a new account just for them with full administrator privileges.

A vulnerability like this is exactly what a hacker wants. They can basically take full control over a victim’s computer with minimum trouble. If you implement patches and security updates as they are released, you shouldn’t have anything to worry about. Does your business have an organized approach to implementing security patches? If not, there are solutions available that you can use to keep security at a maximum.

Outsourced IT often includes remote patching and maintenance that can be used, even by small businesses. Even better, it does this without costing your business an arm and a leg. Enterprise-level solutions are often the only way for your business to thrive in a world filled with competition, but that’s because they provide a significant benefit to your organization that you can’t afford to ignore. We can improve your network security in the same way as an internal IT department, but without the costs associated with adding new salaries to your budget. KT Connections can help your organization implement new security solutions like remote monitoring and maintenance. To learn more, reach out to us at 605-341-3873.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, 16 December 2017
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices hackers Privacy Technology Email malware Business Computing Cloud Internet Network Security Google software Ransomware Business Efficiency User Tips Backup Data Computer IT Support Microsoft Productivity IT Support Network Android Money VoIP Managed IT Services Facebook Hardware cybersecurity Smartphone Small Business Windows Hosted Solutions Mobile Device Management Gmail Microsoft Office Operating System Artificial Intelligence Phishing IT Management Cloud Computing Business Continuity Mobile Devices communications Data Management Smartphones Outsourced IT Communication Outlook Nextiva Encryption Data storage Alert IT Services BDR Windows 10 Upgrade Bandwidth security cameras Disaster Recovery Antivirus Windows 10 Unified Communications Business Management Social Media Update data breach End of Support Apple Internet of Things Passwords Spam App Office 365 Collaboration IoT Browser Scam Lunch and Learn Automation Data Recovery Save Money Remote Monitoring Saving Money Cost Management Document Management SaaS Information Technology Customer Service IBM Search Google Wallet Data Backup Google Maps Google Docs Networking Access Control Hard Drive Legal Big Data Patch Management The Internet of Things security solutions Apps Start Menu BYOD Firewall Gadgets News Drones Productivity Project Management Analytics Events WiFi History Word YouTube Event Marketing Local Buzz Best Practice vulnerability Server Innovation South Dakota Managed IT Services Law Enforcement Politics Robot Virtual Machines Website Fake News Local Technology Black Market Attorneys Virtual Reality IoT Devices Workers Compliance Disaster Physical Security Phone System Tips and Tricks Unified Threat Management business owner Tech Support Internet 101 Webcam Downloads Risk Creep Retail Advertising Microsoft Excel Sales Tax botnet attack Managed Services camera Microsoft Bookings Memory Samsung Hardware as a Service Google Calendar Internet Connected Devices Budget Remote Computing communication solutions Printer Virtual Desktop IT for Oil Companies Business Growth botnet macbook vulnerabilities HaaS Virtualization booking process Laptop identity theft Tablets Network Congestion Hack Knowledge Business Communications Business Comunications Deep Learning Risk Management Microsoft Office 365 Mobility DDoS attacks VPN Press Release Dell ’s Sonicwall Global Management System Vendor Mangement Event Tablet media experience Cryptocurrency Tech Terms Comparison Solid State Drive Touchscreen Office Kaseya Microsoft Office 365 features DDoS Digital Password Business Mangement Mixer SOX information Cleaning security precautions Specifications Websites Penetration Testing Hacking Vendor Management Kaseya Connect Information Security Access Vendors Sarbanes-Oxley Act Flash Data Security Computer Care Television Software as a Service Phishing Scams enterprise productivity software Monitors Conference Social Email Security Hosted Solution How To Redundancy Social Engineering Spyware Google Drive Community Involvement End User Testing Settings Running Cable Audit Chamber of Commerce Mouse Virus face IT Consultation Uninterrupted Power Supply Displays Education Experience password manager LastPass Telephony Download Cabling Workplace Tips Maintenance SharePoint Proactive IT Law IT surveillance cameras IT Assessment Fast food Data Protection Bluetooth Quick Tips Sports Content Filtering Managed Service Provider Cache user confidence VoIP healthcare Wireless Technology Office Tips Fortinet LiFi IT Security Music Lawyers Trend Micro IT Strategy Corporate Profile Programming Safety Managed IT Emergency AtomBombing tool Society Worker Streaming Media Distributed Denial of Service Business Security Rebrand Visible Light Communication Freedom of Information IT Solutions Google Play Store Administration Government Cloud Backup Writing LastPass appointment Rapid City File Sharing Business Technology Communications Time Management communication device Windows 8 Web Servers Windows XP Printing Applications Employer-Employee Relationship CrashOverride Telephone Systems Sync Messenger Marketing Private Cloud Microchip Health Banking In Internet of Things CCTV Books Motion Sickness 3D Printing IT service Web Server Reading Meetings Machine Learning Hiring/Firing Ordinary Computers Bring Your Own Device Administrator Emails Relocation Hacker Work/Life Balance Tracking quantum computers base infrastructure Supercomputer Hacks collaboration capabilities Automobile Holiday Wi-Fi security solution IT Consultant Unified Threat Management Notifications Documents network security professionals Business Metrics end-of-support date Training holiday season Text Messaging PDF Playbook Rental Service Chromebook Flexibility Computing UTM Users Employer Employee Relationship holidays Cortana Digital Payment breach methods Reliable Computing Language Threat management scammers Twitter Public Cloud Taxes Phone Systen Scalability Miscellaneous scams G Suite Paperless Office Travel Processors Computer Malfunction