Bredy Network Management Corporation Blogs

BNMC has been serving the Andover area since 1988, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Your Search Bar Is Now More Secure

Your Search Bar Is Now More Secure

August saw yet another Patch Tuesday designed to resolve security issues in Microsoft products. Out of the 48 vulnerabilities resolved, 15 affected Windows, while 25 were rated as critical, 21 as important, and 27 that allowed for remote code execution. This might sound a little overwhelming, so we’ll try to simplify it a bit--a lot of flaws were fixed, and the majority of them can be considered dangerous for your organization.

Since only 15 affected Windows itself, you might be wondering where the others were applied. Other Microsoft products, including Internet Explorer, Microsoft Edge, Sharepoint, SQL Server, Hyper-V, and Kernel, all required a response from the developer. Only two of these flaws affected all versions of Windows and Windows Server, yet none of them were being exploited in the wild by hackers trying to find their next victim.

There is one vulnerability, however, that should require your immediate attention, and this is the one which targets the Windows Search function in your device. The vulnerability in question, CVE-2017-8620, can be exploited remotely via Server Management Block (SMB) to take over a system. This includes both a Windows workstation or a Windows Server unit. Thankfully, the flaw doesn’t exist in SMB itself, and is unaffected by the dangerous threats like the WannaCry ransomware and NotPetya.

According to the Windows advisory, the vulnerability is exploited through the way that Windows Search handles objects in memory. Basically, hackers can send specialized messages through Windows Search to change user permissions. Once they have done so, the possibilities are limitless. Hackers could install, remove, or change applications on the targeted device, as well as view, change, or delete data stored on it. Even scarier is the ability to create an entirely new account with full administrator privileges.

This type of vulnerability is something out of a hacker’s dream, allowing them to take full advantage of a victim’s computer with relatively little trouble. The good news is that as long as you apply the required patches and security updates, the issue can be resolved easily enough. How does your organization combat vulnerabilities? You need to implement patches and security updates in at least some capacity, as not doing anything at all is a recipe for disaster--especially with a threat as thorough as the one mentioned above. Thankfully, there is a solution for organizations that either don’t have the time or the resources to implement patches in a timely manner.

Outsourced IT services, including remote patching and maintenance, can be acquired by organizations of all sizes, without breaking your budget or dragging down operations due to maintenance. You can take advantage of enterprise-level solutions designed to help your organization optimize security, without hiring an internal IT department and adding new salaries to your budget. BNMC can help your business identify and repair weaknesses in its computing infrastructure. To learn more, reach out to us at 978-482-2020.

Our clients that are subscribed to our Managed IT services will be covered and will be getting the Windows updates once it has been fully tested.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, 26 September 2017
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Tip of the Week Cloud Best Practices Technology Email Malware Privacy Hackers Hosted Solutions Business Computing Internet Software Google Windows Ransomware Microsoft Computer IT Services Backup Business Windows 10 App Network Security Hardware Smartphone Data Business Continuity Innovation Saving Money Mobile Devices IT Support Cloud Computing Productivity Data Management Phishing Internet of Things Efficiency Word Robot Google Drive Small Business Settings Upgrade Managed IT Services Data Recovery Data storage Gmail Office Tips Big Data Smartphones Remote Monitoring Facebook Android Telephone Systems IT Management Alert Analytics Risk Management Artificial Intelligence Productivity Network Encryption Cybersecurity End of Support Chrome Hosted Solution Server IT Support Workplace Tips Unified Threat Management Managed IT Services YouTube Microsoft Office communications Social Media Outsourced IT User Tips Money Windows 10 Outlook Monitors Disaster Recovery Browser Save Money Tip of the week Passwords Mobile Device Vulnerability LiFi Office 365 Miscellaneous Managed Service Provider Administration Apple Content Filtering SaaS Writing Printing Server Management IT solutions Legal desktop Windows 8 Digital Virtual Private Network Politics Dark Data Retail Firewall Quick Tips Collaboration Statistics Samsung Running Cable Spyware Mail Merge Buisness Customer Service Office Computing VoIP File Sharing Virtual Desktop Bluetooth Vendor Management Laptop Operating System Solid State Drive Social Employer-Employee Relationship Address Deep Learning Websites Social Engineering Information Technology Avoiding Downtime Antivirus Spam Best Practice Hard Disk Drive Data Backup Bring Your Own Device Downtime Safety Cabling Time Management Search Google Docs Gadgets Hacks How To Emergency Network Congestion Google Wallet Infrastructure Network Management Bandwidth Apps Halloween Users Business Growth Password Firefox Business Technology Digital Payment Computers Education Drones Disaster Touchscreen Managed IT Scary Stories Hacker Maintenance Lenovo Website Display Uninterrupted Power Supply IBM Shortcut Computer Care Unified Communications Sports Alt Codes Superfish Wireless The Internet of Things Budget Typing Corporate Profile Patch Management Training Humor Automation VoIP Current Events Scam Customer Relationship Management Automobile Heating/Cooling WiFi Cybercrime Mouse Dell Cryptocurrency WannaCry Virtual Reality Marketing Communication Going Green Google Maps Servers Bitcoin Data loss VPN Storage Business Management Cameras Unsupported Software Tracking Update CCTV Mobile Data Document Management Tech Support Recovery Notifications Identity Theft Chromebook Travel G Suite Crowdsourcing Physical Security CrashOverride Supercomputer Botnet Emoji Motion Sickness Taxes Government Personal Information IT Budget Machine Learning Cortana IT Consultant BYOD Wi-Fi Relocation Virtualization Meetings Cleaning Work/Life Balance Computer Repair Mobile Device Management Private Cloud How To Webcam Law Enforcement Health Mobile Computing Error Black Market Point of Sale Ben McDonald shares Gadget Electronic Medical Records Twitter Paperless Office Upgrades Staffing Networking Administrator Remote Computing Web Server Processors 3D Printing what was your? GPS Holiday

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *

      What Our Clients Say

      • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
      • 1
      • 2
      • 3