Bredy Network Management Corporation Blogs

BNMC has been serving the Andover area since 1988, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Your Search Bar Is Now More Secure

Your Search Bar Is Now More Secure

August saw yet another Patch Tuesday designed to resolve security issues in Microsoft products. Out of the 48 vulnerabilities resolved, 15 affected Windows, while 25 were rated as critical, 21 as important, and 27 that allowed for remote code execution. This might sound a little overwhelming, so we’ll try to simplify it a bit--a lot of flaws were fixed, and the majority of them can be considered dangerous for your organization.

Since only 15 affected Windows itself, you might be wondering where the others were applied. Other Microsoft products, including Internet Explorer, Microsoft Edge, Sharepoint, SQL Server, Hyper-V, and Kernel, all required a response from the developer. Only two of these flaws affected all versions of Windows and Windows Server, yet none of them were being exploited in the wild by hackers trying to find their next victim.

There is one vulnerability, however, that should require your immediate attention, and this is the one which targets the Windows Search function in your device. The vulnerability in question, CVE-2017-8620, can be exploited remotely via Server Management Block (SMB) to take over a system. This includes both a Windows workstation or a Windows Server unit. Thankfully, the flaw doesn’t exist in SMB itself, and is unaffected by the dangerous threats like the WannaCry ransomware and NotPetya.

According to the Windows advisory, the vulnerability is exploited through the way that Windows Search handles objects in memory. Basically, hackers can send specialized messages through Windows Search to change user permissions. Once they have done so, the possibilities are limitless. Hackers could install, remove, or change applications on the targeted device, as well as view, change, or delete data stored on it. Even scarier is the ability to create an entirely new account with full administrator privileges.

This type of vulnerability is something out of a hacker’s dream, allowing them to take full advantage of a victim’s computer with relatively little trouble. The good news is that as long as you apply the required patches and security updates, the issue can be resolved easily enough. How does your organization combat vulnerabilities? You need to implement patches and security updates in at least some capacity, as not doing anything at all is a recipe for disaster--especially with a threat as thorough as the one mentioned above. Thankfully, there is a solution for organizations that either don’t have the time or the resources to implement patches in a timely manner.

Outsourced IT services, including remote patching and maintenance, can be acquired by organizations of all sizes, without breaking your budget or dragging down operations due to maintenance. You can take advantage of enterprise-level solutions designed to help your organization optimize security, without hiring an internal IT department and adding new salaries to your budget. BNMC can help your business identify and repair weaknesses in its computing infrastructure. To learn more, reach out to us at 978-482-2020.

Our clients that are subscribed to our Managed IT services will be covered and will be getting the Windows updates once it has been fully tested.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, 19 March 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Best Practices Technology Cloud Email Privacy Malware Hackers Software Business Computing Internet Microsoft Hosted Solutions Ransomware Android Network Security IT Services Business Google Mobile Devices Computer Backup Smartphone Windows Windows 10 Innovation Data Management Small Business Business Continuity Browser Cloud Computing Internet of Things App Artificial Intelligence Hardware Encryption Data Server Business Management Gmail Smartphones Managed Service Provider Data Recovery Efficiency IT Support Saving Money Tip of the week Outsourced IT Productivity Managed IT Services Remote Monitoring Phishing Office 365 User Tips Office Tips Word Big Data Communication Antivirus Productivity Cybersecurity Facebook IT Support Infrastructure Risk Management Robot Windows 10 Google Drive Upgrade Vulnerability Chrome Settings Data storage IT Management Money Telephone Systems Save Money Alert Automation Firewall Mouse Disaster Recovery Virtual Reality Miscellaneous Passwords Apple SaaS Data Backup Storage LiFi HIPAA Employer-Employee Relationship Mobile Security Administration Content Filtering Business Technology Government Computing Analytics Unified Threat Management Managed IT Services BYOD Maintenance End of Support Network Two-factor Authentication Scam Hosted Solution Mobile Device Microsoft Office VPN Bandwidth Workplace Tips Data Security Server Management YouTube Virtual Private Network Outlook Holiday Social Media Data loss Monitors communications Statistics Budget Website Regulations Tablet Blockchain desktop Mail Merge Humor Typing Unified Communications Politics Sports Augmented Reality Digital Unified Threat Management VoIP Current Events Bluetooth Collaboration Comparison The Internet of Things Permissions Address Cryptocurrency Samsung Tech Support Wearable Technology Remote Computing Spyware User Error Document Management Avoiding Downtime Going Green File Sharing VoIP Specifications Cybercrime Fraud Solid State Drive Bitcoin WiFi Websites Marketing Printer Writing Identity Theft Time Management Printing Search Legal Black Friday Hard Disk Drive Emergency Dark Data Windows 8 Applications Access Control Retail Network Management Cabling Cyber Monday Hotspot Customer Service IT solutions IT Technicians How To SharePoint Office Touchscreen Vendor Management Managed IT Operating System Smart Technology Running Cable Language Lenovo Social Information Technology Buisness Mirgation Firefox Downloads Social Engineering Digital Payment Distributed Denial of Service Disaster Shortcut Best Practice Virtual Desktop Laptop Computing Infrastructure Superfish Deep Learning Chatbots Safety Managed IT Service Uninterrupted Power Supply Patch Management Google Docs Alerts IBM Network Congestion Computer Care Customer Relationship Management Hacks Spam Wireless Heating/Cooling Google Wallet Bring Your Own Device Downtime Identity Multi-Factor Security Break Fix Wi-Fi Business Growth Licensing Gadgets Corporate Profile Networking Computers Training Password Servers Drones Automobile Tech Term Google Calendar Dark Web Dell Paperless Office Hacker Halloween Cooperation Users WannaCry Display Apps Google Maps Compliance Legislation Microsoft Excel Alt Codes Education Scary Stories Staff Techology Quick Tips Electronic Medical Records Cameras Twitter Tracking Upgrades CCTV 3D Printing Notifications Unsupported Software Travel Update G Suite Crowdsourcing Botnet CrashOverride Supercomputer Mobile Data Motion Sickness Recovery Taxes Machine Learning IT Budget Chromebook IT Consultant Relocation Physical Security Meetings Emoji Cleaning Work/Life Balance Private Cloud Personal Information Webcam Cortana Law Enforcement Error Ben McDonald shares Point of Sale Gadget Virtualization Computer Repair Staffing Mobile Device Management Administrator How To Health what was your? Web Server Processors Black Market GPS Mobile Computing

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *

      What Our Clients Say

      • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
      • 1
      • 2
      • 3