Bredy Network Management Corporation Blogs

2 minutes reading time (499 words)

Your Search Bar Is Now More Secure

Your Search Bar Is Now More Secure

August saw yet another Patch Tuesday designed to resolve security issues in Microsoft products. Out of the 48 vulnerabilities resolved, 15 affected Windows, while 25 were rated as critical, 21 as important, and 27 that allowed for remote code execution. This might sound a little overwhelming, so we’ll try to simplify it a bit--a lot of flaws were fixed, and the majority of them can be considered dangerous for your organization.

Since only 15 affected Windows itself, you might be wondering where the others were applied. Other Microsoft products, including Internet Explorer, Microsoft Edge, Sharepoint, SQL Server, Hyper-V, and Kernel, all required a response from the developer. Only two of these flaws affected all versions of Windows and Windows Server, yet none of them were being exploited in the wild by hackers trying to find their next victim.

There is one vulnerability, however, that should require your immediate attention, and this is the one which targets the Windows Search function in your device. The vulnerability in question, CVE-2017-8620, can be exploited remotely via Server Management Block (SMB) to take over a system. This includes both a Windows workstation or a Windows Server unit. Thankfully, the flaw doesn’t exist in SMB itself, and is unaffected by the dangerous threats like the WannaCry ransomware and NotPetya.

According to the Windows advisory, the vulnerability is exploited through the way that Windows Search handles objects in memory. Basically, hackers can send specialized messages through Windows Search to change user permissions. Once they have done so, the possibilities are limitless. Hackers could install, remove, or change applications on the targeted device, as well as view, change, or delete data stored on it. Even scarier is the ability to create an entirely new account with full administrator privileges.

This type of vulnerability is something out of a hacker’s dream, allowing them to take full advantage of a victim’s computer with relatively little trouble. The good news is that as long as you apply the required patches and security updates, the issue can be resolved easily enough. How does your organization combat vulnerabilities? You need to implement patches and security updates in at least some capacity, as not doing anything at all is a recipe for disaster--especially with a threat as thorough as the one mentioned above. Thankfully, there is a solution for organizations that either don’t have the time or the resources to implement patches in a timely manner.

Outsourced IT services, including remote patching and maintenance, can be acquired by organizations of all sizes, without breaking your budget or dragging down operations due to maintenance. You can take advantage of enterprise-level solutions designed to help your organization optimize security, without hiring an internal IT department and adding new salaries to your budget. BNMC can help your business identify and repair weaknesses in its computing infrastructure. To learn more, reach out to us at 978-482-2020.

Our clients that are subscribed to our Managed IT services will be covered and will be getting the Windows updates once it has been fully tested.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, July 23 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Best Practices Technology Cloud Email Malware Privacy Hackers Business Computing Software Internet Microsoft Google Business Mobile Devices Network Security Computer Hosted Solutions Ransomware Android IT Services Tech Term Smartphone Managed IT Services Windows Small Business Backup Hardware Data Management IT Support Data User Tips Internet of Things Browser Innovation Cloud Computing Cybersecurity App Business Continuity Windows 10 Encryption Business Management Artificial Intelligence Gmail Remote Monitoring Facebook Server Data Recovery Saving Money Tip of the week Infrastructure Managed IT Services Smartphones Productivity Data Backup Chrome Vulnerability Word Managed Service Provider Outsourced IT Phishing Money IT Support Productivity Efficiency Communication Office 365 Windows 10 Disaster Recovery Analytics Microsoft Office communications Passwords Big Data Antivirus Settings Network Data storage Robot IT Management Applications Employer-Employee Relationship YouTube Risk Management Social Media Website Google Drive Content Filtering Office Tips Bandwidth Government Upgrade Holiday Data loss The Internet of Things Apple Two-factor Authentication Unified Threat Management BYOD Avoiding Downtime Managing Stress Telephone Systems Storage VoIP Scam Alert Maintenance Firewall HIPAA Vendor Management Monitors Save Money Workplace Tips VPN Spam Computing Data Security Wireless Outlook Mobile Security Server Management Automation WiFi Business Technology LiFi End of Support Virtual Private Network Hosted Solution Virtual Reality Mobile Device Paperless Office Administration Mouse Company Culture SaaS Miscellaneous K-12 Schools Cookies MSP Computers Education Hacks Address Permissions Augmented Reality Google Wallet User Error Social Networking Dark Data Bitcoin Patch Management Managed IT Service Computing Infrastructure Professional Services desktop Printing Customer Relationship Management Chatbots eWaste Digital Payment Business Growth Specifications Star Wars Retail Wearable Technology Network upgrade Politics Digital Cybercrime Legal Heating/Cooling Multi-Factor Security Nanotechnology Development Display Disaster Password Downtime Unified Communications Drones Time Management Printer Motherboard Cables Customer Service Collaboration Marketing Windows 8 Break Fix Alerts USB Networking Identity Continuity Gadgets Hacker Search Black Friday Fraud Cost Management Office Samsung Smart Office Tech Support Document Management Spyware Deep Learning Servers Google Calendar Screen Reader Charging Uninterrupted Power Supply Emergency Computer Care IBM Network Management Access Control Wires Chromebook File Sharing Dark Web Licensing Dongle Solid State Drive Solar Users Alt Codes Halloween Cyber Monday Assessment Social Engineering Work Websites Identity Theft Bring Your Own Device Operating System Legislation Smart Tech Training Corporate Profile Budget Touchscreen SharePoint Router Voice over Internet Protocol Social Microsoft Excel Cooperation Service Level Agreement Hard Disk Drive Information Technology Quick Tips Techology Compliance Business Intelligence Automobile Typing Scary Stories Humor Managed IT Smart Technology Hotspot Internet Exlporer Safety How To Lenovo IT Technicians Optimization Best Practice Running Cable Statistics Tablet Connectivity Remote Computing Dell Current Events WannaCry Downloads Modem FinTech Network Congestion Cabling Buisness Mail Merge Blockchain Staff Leominster Apps VoIP Virtual Desktop Unified Threat Management Regulations Google Maps Cryptocurrency Sports Shortcut Distributed Denial of Service Language Value IT solutions Going Green Firefox Superfish Mirgation Recycling Wi-Fi Laptop Google Docs Bluetooth Comparison IoT Writing Unsupported Software GPS Virtualization IT Consultant Update Computer Repair Relocation Cameras Mobile Data Tracking Meetings How To Work/Life Balance Cleaning Recovery CCTV Health Private Cloud Black Market Webcam Mobile Device Management Law Enforcement BDR Electronic Medical Records Error Notifications Physical Security Twitter Point of Sale Ben McDonald shares Mobile Computing Upgrades Gadget Emoji Travel G Suite Crowdsourcing Personal Information Botnet Supercomputer CrashOverride 3D Printing Staffing Cortana Motion Sickness Taxes Administrator Machine Learning IT Budget Processors Web Server what was your?

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *

      What Our Clients Say

      • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
      • 1
      • 2
      • 3