Bredy Network Management Corporation Blogs

BNMC has been serving the Andover area since 1988, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Your Search Bar Is Now More Secure

Your Search Bar Is Now More Secure

August saw yet another Patch Tuesday designed to resolve security issues in Microsoft products. Out of the 48 vulnerabilities resolved, 15 affected Windows, while 25 were rated as critical, 21 as important, and 27 that allowed for remote code execution. This might sound a little overwhelming, so we’ll try to simplify it a bit--a lot of flaws were fixed, and the majority of them can be considered dangerous for your organization.

Since only 15 affected Windows itself, you might be wondering where the others were applied. Other Microsoft products, including Internet Explorer, Microsoft Edge, Sharepoint, SQL Server, Hyper-V, and Kernel, all required a response from the developer. Only two of these flaws affected all versions of Windows and Windows Server, yet none of them were being exploited in the wild by hackers trying to find their next victim.

There is one vulnerability, however, that should require your immediate attention, and this is the one which targets the Windows Search function in your device. The vulnerability in question, CVE-2017-8620, can be exploited remotely via Server Management Block (SMB) to take over a system. This includes both a Windows workstation or a Windows Server unit. Thankfully, the flaw doesn’t exist in SMB itself, and is unaffected by the dangerous threats like the WannaCry ransomware and NotPetya.

According to the Windows advisory, the vulnerability is exploited through the way that Windows Search handles objects in memory. Basically, hackers can send specialized messages through Windows Search to change user permissions. Once they have done so, the possibilities are limitless. Hackers could install, remove, or change applications on the targeted device, as well as view, change, or delete data stored on it. Even scarier is the ability to create an entirely new account with full administrator privileges.

This type of vulnerability is something out of a hacker’s dream, allowing them to take full advantage of a victim’s computer with relatively little trouble. The good news is that as long as you apply the required patches and security updates, the issue can be resolved easily enough. How does your organization combat vulnerabilities? You need to implement patches and security updates in at least some capacity, as not doing anything at all is a recipe for disaster--especially with a threat as thorough as the one mentioned above. Thankfully, there is a solution for organizations that either don’t have the time or the resources to implement patches in a timely manner.

Outsourced IT services, including remote patching and maintenance, can be acquired by organizations of all sizes, without breaking your budget or dragging down operations due to maintenance. You can take advantage of enterprise-level solutions designed to help your organization optimize security, without hiring an internal IT department and adding new salaries to your budget. BNMC can help your business identify and repair weaknesses in its computing infrastructure. To learn more, reach out to us at 978-482-2020.

Our clients that are subscribed to our Managed IT services will be covered and will be getting the Windows updates once it has been fully tested.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 16 January 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Technology Best Practices Cloud Privacy Email Malware Hackers Business Computing Internet Microsoft Hosted Solutions Software IT Services Business Ransomware Android Computer Smartphone Google Windows Network Security Windows 10 Backup Small Business Business Continuity Data Browser Innovation Internet of Things App Hardware Data Management Managed IT Services Data Recovery User Tips Smartphones Tip of the week Outsourced IT Saving Money Remote Monitoring Artificial Intelligence Office 365 Encryption Mobile Devices Productivity IT Support Phishing Cloud Computing Upgrade Cybersecurity Gmail Office Tips IT Support Data storage Big Data Money Windows 10 Managed Service Provider Facebook Efficiency Vulnerability Risk Management Settings Word Robot Google Drive Productivity Employer-Employee Relationship communications Social Media Disaster Recovery Government Microsoft Office Unified Threat Management Passwords Managed IT Services LiFi Outlook Maintenance Monitors Administration Two-factor Authentication Save Money Content Filtering Automation Scam Mouse Analytics Miscellaneous Apple Mobile Device SaaS IT Management Network Virtual Private Network Holiday Business Management Telephone Systems Alert Computing Chrome Hosted Solution Server Firewall Bandwidth Workplace Tips Antivirus End of Support YouTube Data Backup Education Printer Time Management Safety Websites Black Friday Google Docs Scary Stories Search Hard Disk Drive Mobile Security Network Congestion Website Emergency Hacks Access Control Google Wallet Network Management Wi-Fi Unified Communications Cyber Monday Sports Business Growth Cabling Hotspot Computers Business Technology Password SharePoint Drones The Internet of Things Touchscreen How To Infrastructure Smart Technology Managed IT Hacker VoIP Language Display BYOD Lenovo WiFi Downloads Cybercrime Firefox Digital Payment Disaster Distributed Denial of Service Shortcut Alt Codes Marketing Computing Infrastructure Superfish Budget Uninterrupted Power Supply Managed IT Service Humor Patch Management Typing Customer Relationship Management IBM Computer Care Alerts Current Events IT solutions Multi-Factor Security Heating/Cooling Wireless Virtual Reality Break Fix Cryptocurrency Corporate Profile Training Communication Networking Going Green Automobile Google Calendar Running Cable Servers Dell Dark Web Storage Buisness VPN Bitcoin WannaCry Writing Virtual Desktop Data Security Printing Legislation Legal Laptop Server Management Google Maps Deep Learning Microsoft Excel Dark Data Windows 8 Quick Tips Data loss Retail Techology Spam Tablet Statistics desktop Bring Your Own Device Blockchain Customer Service Downtime Mail Merge Unified Threat Management VoIP Digital Office Politics Vendor Management Collaboration Comparison Operating System Bluetooth Gadgets Permissions Samsung Address Social User Error Information Technology Avoiding Downtime Spyware Social Engineering File Sharing Apps Specifications Halloween Best Practice Users Solid State Drive Fraud Identity Theft Personal Information Travel Cortana G Suite Crowdsourcing CrashOverride Supercomputer Botnet Motion Sickness Virtualization Taxes IT Budget Machine Learning Computer Repair IT Consultant Mobile Device Management Relocation How To Health Meetings Black Market Cleaning Work/Life Balance Mobile Computing Private Cloud Electronic Medical Records Webcam Twitter Law Enforcement Error Upgrades Ben McDonald shares Point of Sale Remote Computing Licensing Gadget 3D Printing Paperless Office Staffing Unsupported Software Administrator what was your? Update Web Server Processors GPS Mobile Data Recovery Cameras Tracking Chromebook CCTV Document Management Tech Support Physical Security Emoji Notifications

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *

      What Our Clients Say

      • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
      • 1
      • 2
      • 3