Then it is particularly important to deploy this month’s (January 2020) ‘Tuesday patch’ from MS as soon as possible on your servers – those old Windows 7, 08(2), 08, 03 and XP ones you shouldn’t have, but are key to your business.
A critical flaw in the remote desktop protocol permitted a remote actor to deploy code on your systems without ANY authentication or user notification. If an attacker gains access to a single machine on your network by exploiting this vulnerability, they can scan the rest of your network and move on – a significant worm attack threat — basically, another WannaCry. Leaving any unpatched systems on your network at the very least leaves you vulnerable to scanning to identify systems with other potential vulnerabilities or packet sniffing attacks.
The full MS vulnerability advisory is here – https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/ – if you like a bit of light security horror reading before bed, and want to reconsider that server update budget.
On the desktop side, this month’s is also a biggie fixing 79 vulnerabilities – https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/e5989c8b-7046-e911-a98e-000d3a33a34d – with almost all applications and critical services being impacted, many with critical issues. The exposure is sufficiently critical that MS advises that all users apply the patch ‘as soon as possible’, as some of the exploits have been observed already in use.
Talk to NWT about how we can help with your technology security.