August Patch Tuesday – be aware
By Brian Cowan
This week saw the August Patch Tuesday release by Microsoft and some important security fixes to popular environments such as Windows 10, Windows Server 2012 and 2016. 25 of the 49 patches issued were to address critical security flaws.
Patch Tuesday headline – Remote code execution flaw
Whilst all security vulnerabilities are important, the not very exotically named CVE-2017-8620 addresses a remote code execution vulnerability for which exploits are believed to be available. The vulnerability exists in all supported Windows versions and allows an attacker to take control of a machine via a floor in the Windows Search facility. Once control is established, network havoc can ensue.
Other affected areas
Other areas addressed in the August update include:
Full details of Microsoft Security update releases can be found here.
During the July DEF CON 25 gathering in Las Vegas highlighted a flaw in the Microsoft Windows Server Message Block (SMB) protocol that has existed back to the days of Windows 200 and possibly earlier. It is known as SMBLoris and provides facility for remote DOS attacks.
It was originally thought to affect version 1 of SMB only and Microsoft issued a response in 2016. However, it exists in all versions and the recommendation now is to use firewall protection for ports 445 and 139 and limit access locally.
If you have any concerns regarding your system security, or wish to have an independent assessment of infrastructure, Keytech provide a range of comprehensive and detailed audit services.