CIO News Hubb
Advertisement
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
CIO News Hubb
No Result
View All Result
Home Information Security

Merry Patching Christmas

admin by admin
December 21, 2022
in Information Security


Here’s an important update to make before you log off for the holidays.

For those of you that are on your way to take a break next week, we’ve got a bit of advice to avoid encountering some unnecessary scares during this time that you’ll be spending with your loved ones.

Put simply: If you’re running any version of Windows, please update it as soon as possible! There’s a new Windows remote code execution vulnerability affecting all Windows machines. Even though it’s not yet being exploited in the wild, it’s better to be safe than sorry. 

Looking back at WannaCry

Some of you probably remember the worst ransomware outbreak in history, WannaCry. In that case, the attack was also taking advantage of a remote code execution vulnerability. WannaCry affected the SMB protocol, while this new one (CVE-2022-37958) works in a broader range of network protocols, including SMTP and HTTP when SPNEGO web authentication is enabled.

Microsoft has a list with the different security updates covering from Windows 7 up to Windows 11. The update first appeared in September’s Patch Tuesday security updates and was deemed as “important”; however, after new information was discovered showing the attack potential of the vulnerability, it has been updated to “critical” by Microsoft with a severity rating of 8.1 (note that this is the same as EternalBlue, the exploit used by WannaCry).

While consumers usually have security updates on and applied by default, this isn’t the case for SMBs and bigger enterprises. This is due to the fact that a number of steps have to be taken in advance, such as ensuring compatibility with used applications. 

For SMBs and enterprises, the priority of patching this vulnerability must be increased, as all unpatched computers will be at risk if (when!) a new worm using this vulnerability is released.



Source link

Previous Post

Ingredientsofleadership

Next Post

Raspberry Robin Worm Strikes Again, Targeting Telecom and Government Systems

Related Posts

Information Security

N. Korean Hackers ‘Mixing’ macOS Malware Tactics to Evade Detection

by admin
November 28, 2023
Information Security

Introducing new central configuration capabilities in AWS Security Hub

by admin
November 28, 2023
Information Security

Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale

by admin
November 27, 2023
Information Security

How to use the BatchGetSecretValue API to improve your client-side applications with AWS Secrets Manager

by admin
November 27, 2023
Information Security

3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches

by admin
November 26, 2023
Next Post

Raspberry Robin Worm Strikes Again, Targeting Telecom and Government Systems

Recommended

Using AI to Improve ITSM Processes

November 28, 2023

N. Korean Hackers ‘Mixing’ macOS Malware Tactics to Evade Detection

November 28, 2023

Introducing new central configuration capabilities in AWS Security Hub

November 28, 2023

Know these 15 Signs + 15 Tactics to Transform From Floundering to Winning Departments

November 28, 2023

Hong Kong-Pacific Harbor View ~ Future of CIO

November 27, 2023

Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale

November 27, 2023

© CIO News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

© 2022 CIO News Hubb All rights reserved.