crn5000-inc2015 BPTW logo
Contact us today!
(918) 770-8738
 
 

Integrated Business Technologies Blog

Integrated Business Technologies has been serving the Broken Arrow area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Your Search Bar Is Now More Secure

August saw yet another Patch Tuesday designed to resolve security issues in Microsoft products. Out of the 48 vulnerabilities resolved, 15 affected Windows, while 25 were rated as critical, 21 as important, and 27 that allowed for remote code execution. This might sound a little overwhelming, so we’ll try to simplify it a bit--a lot of flaws were fixed, and the majority of them can be considered dangerous for your organization.

Since only 15 affected Windows itself, you might be wondering where the others were applied. Other Microsoft products, including Internet Explorer, Microsoft Edge, Sharepoint, SQL Server, Hyper-V, and Kernel, all required a response from the developer. Only two of these flaws affected all versions of Windows and Windows Server, yet none of them were being exploited in the wild by hackers trying to find their next victim.

There is one vulnerability, however, that should require your immediate attention, and this is the one which targets the Windows Search function in your device. The vulnerability in question, CVE-2017-8620, can be exploited remotely via Server Management Block (SMB) to take over a system. This includes both a Windows workstation or a Windows Server unit. Thankfully, the flaw doesn’t exist in SMB itself, and is unaffected by the dangerous threats like the WannaCry ransomware and NotPetya.

According to the Windows advisory, the vulnerability is exploited through the way that Windows Search handles objects in memory. Basically, hackers can send specialized messages through Windows Search to change user permissions. Once they have done so, the possibilities are limitless. Hackers could install, remove, or change applications on the targeted device, as well as view, change, or delete data stored on it. Even scarier is the ability to create an entirely new account with full administrator privileges.

This type of vulnerability is something out of a hacker’s dream, allowing them to take full advantage of a victim’s computer with relatively little trouble. The good news is that as long as you apply the required patches and security updates, the issue can be resolved easily enough. How does your organization combat vulnerabilities? You need to implement patches and security updates in at least some capacity, as not doing anything at all is a recipe for disaster--especially with a threat as thorough as the one mentioned above. Thankfully, there is a solution for organizations that either don’t have the time or the resources to implement patches in a timely manner.

Outsourced IT services, including remote patching and maintenance, can be acquired by organizations of all sizes, without breaking your budget or dragging down operations due to maintenance. You can take advantage of enterprise-level solutions designed to help your organization optimize security, without hiring an internal IT department and adding new salaries to your budget. Integrated Business Technologies can help your business identify and repair weaknesses in its computing infrastructure. To learn more, reach out to us at (918) 770-8738.

Our clients that are subscribed to our Managed IT services will be covered and will be getting the Windows updates once it has been fully tested.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 12 December 2017
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      freeconsultation
       

      Tag Cloud

      Security Technology Tip of the Week Privacy Business Management Managed Service Provider Internet Microsoft Saving Money Cloud Productivity Business Computing Workplace Tips Best Practices IT Services Backup Hackers Hosted Solutions Business IT Support Small Business Network Mobile Devices Hardware Malware Email Software Smartphones Data Communication Windows Server Upgrade Business Continuity Mobile Device Management Virtualization Microsoft Office VoIP Efficiency Disaster Recovery Google Mobile Office Computer Miscellaneous Vendor Management Gadgets Social Media Quick Tips Holiday Innovation Windows 10 User Tips Mobile Computing WiFi BYOD Smartphone Best Practice Passwords Remote Monitoring Browser Bring Your Own Device Users Trending Wireless Technology Operating System Apple Spam Android Firewall Alert Internet of Things Outsourced IT Managed IT services The Internet of Things Content Filtering Remote Computing Going Green History Information Technology Current Events Big Data Office Data Management IT Solutions Unified Threat Management Save Money Lithium-ion Battery IT Consultant Network Security Printer Gmail Avoiding Downtime Maintenance Data Backup Hard Drives App Analytics Customer Relationship Management Facebook Windows 8 Ransomware Tech Support Humor Artificial Intelligence Managed IT Saving Time Business Growth Risk Management Apps Application Virus Employer-Employee Relationship Customer Service Hacking Computers Fax Server Phone System Outlook Health Collaboration Marketing Excel Office Tips Antivirus Retail Phishing IT service Digital Payment VPN PowerPoint Training Tablet iPhone User Error Password Co-Managed IT Administration Presentation Two-factor Authentication Budget Automation Proactive IT Computer Repair Router Mouse Recovery Inbound Marketing Money Data Recovery Running Cable Social Mobile Device Cybersecurity Social Networking Project Management Robot Hiring/Firing Mobility Printing Display End of Support Government LiFi Website Computing Statistics Help Desk Office 365 Intranet Competition Business Intelligence Files Network Congestion Downtime Applications Augmented Reality Search Piracy Virtual Desktop USB Business Owner Encryption Sports Tip of the week Hacker User Point of Sale Programming Analyitcs Education Document Management Net Neutrality Specifications Safety Settings Hosted Solution Licensing IBM Chrome Wireless Data storage Cybercrime File Sharing Save Time Hacks Wearable Technology Documents Conferencing Wi-Fi Halloween SaaS Smart Technology Entrepreneur Unified Communications Downloads Alerts Macro PC Care Undo PDF Value People Networking 5G Scary Stories Distributed Denial of Service eBay Multi-Factor Security Remote Support Leadership Software Tips Skype Streaming Media New Additions Data Security Monitors Google Calendar Telephony Managed IT Service Deep Learning Print Server Gaming Console Text Messaging Work Station Domains Google Wallet Fun Writing LinkedIn Congratulations Techology Legislation Break Fix Word Law Firm IT Video Surveillance Windows 8.1 Update Recycling IT Support Public Speaking Drones Cortana Social Engineering Best Available eWaste Buisness Disaster Resistance Private Cloud Dark Web Identities Managed IT Services Backups Knowledge Environment CIO Adminstration IT Consulting Software as a Service Public Cloud Solid State Drive Bluetooth 3D Online Currency Samsung Data loss Legal Experience Compliance Troubleshooting Debate Data Breach Computer Accessories Technology Tips Sync Heating/Cooling Alt Codes Consumers Crowdfunding Regulations YouTube Technology Laws Scam Comparison Mobile Device Managment Typing Company Culture Twitter Scheduling IP Address Google Drive How To Bandwidth Unified Threat Management Touchscreen Black Friday Productivity Refrigeration Cryptocurrency Disaster Virtual Private Network Google Docs Flexibility Access Control Cyber Monday Travel Cost Management Bitcoin Digital Signature Memory Redundancy Laptop communications SharePoint

      Top Blog

      Basically, any machine that uses fans and vents to cool itself can overheat if airflow is restricted. If you have used a laptop on your lap for an extended session, then you know what we are talking about when the computer becomes hot to the touch. Every portable device is designed a little diffe...
      QR-Code