crn5000-inc2015 BPTW logo
Contact us today!
(918) 770-8738
 
 

Integrated Business Technologies Blog

Integrated Business Technologies has been serving the Broken Arrow area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Your Search Bar Is Now More Secure

August saw yet another Patch Tuesday designed to resolve security issues in Microsoft products. Out of the 48 vulnerabilities resolved, 15 affected Windows, while 25 were rated as critical, 21 as important, and 27 that allowed for remote code execution. This might sound a little overwhelming, so we’ll try to simplify it a bit--a lot of flaws were fixed, and the majority of them can be considered dangerous for your organization.

Since only 15 affected Windows itself, you might be wondering where the others were applied. Other Microsoft products, including Internet Explorer, Microsoft Edge, Sharepoint, SQL Server, Hyper-V, and Kernel, all required a response from the developer. Only two of these flaws affected all versions of Windows and Windows Server, yet none of them were being exploited in the wild by hackers trying to find their next victim.

There is one vulnerability, however, that should require your immediate attention, and this is the one which targets the Windows Search function in your device. The vulnerability in question, CVE-2017-8620, can be exploited remotely via Server Management Block (SMB) to take over a system. This includes both a Windows workstation or a Windows Server unit. Thankfully, the flaw doesn’t exist in SMB itself, and is unaffected by the dangerous threats like the WannaCry ransomware and NotPetya.

According to the Windows advisory, the vulnerability is exploited through the way that Windows Search handles objects in memory. Basically, hackers can send specialized messages through Windows Search to change user permissions. Once they have done so, the possibilities are limitless. Hackers could install, remove, or change applications on the targeted device, as well as view, change, or delete data stored on it. Even scarier is the ability to create an entirely new account with full administrator privileges.

This type of vulnerability is something out of a hacker’s dream, allowing them to take full advantage of a victim’s computer with relatively little trouble. The good news is that as long as you apply the required patches and security updates, the issue can be resolved easily enough. How does your organization combat vulnerabilities? You need to implement patches and security updates in at least some capacity, as not doing anything at all is a recipe for disaster--especially with a threat as thorough as the one mentioned above. Thankfully, there is a solution for organizations that either don’t have the time or the resources to implement patches in a timely manner.

Outsourced IT services, including remote patching and maintenance, can be acquired by organizations of all sizes, without breaking your budget or dragging down operations due to maintenance. You can take advantage of enterprise-level solutions designed to help your organization optimize security, without hiring an internal IT department and adding new salaries to your budget. Integrated Business Technologies can help your business identify and repair weaknesses in its computing infrastructure. To learn more, reach out to us at (918) 770-8738.

Our clients that are subscribed to our Managed IT services will be covered and will be getting the Windows updates once it has been fully tested.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 22 February 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      freeconsultation
       

      Tag Cloud

      Security Technology Tip of the Week Business Management Privacy Managed Service Provider Internet Microsoft Cloud Saving Money Productivity Business Computing Workplace Tips Best Practices IT Services Backup Hackers Hosted Solutions Mobile Devices IT Support Email Business Small Business Malware Software Hardware Network Smartphones Data Communication Server Windows Upgrade Mobile Device Management VoIP Business Continuity Google Virtualization Efficiency Microsoft Office Disaster Recovery Miscellaneous Computer Mobile Office Vendor Management Gadgets Holiday Innovation Android Social Media Quick Tips BYOD Smartphone Windows 10 Outsourced IT User Tips Mobile Computing WiFi Best Practice Passwords Remote Monitoring Bring Your Own Device Browser Internet of Things Users The Internet of Things Trending Operating System Network Security Apple Wireless Technology Spam History Going Green Alert Firewall Managed IT services Content Filtering Remote Computing Printer Gmail Tech Support Managed IT Information Technology Current Events Big Data Office Analytics Data Management IT Solutions Lithium-ion Battery Save Money IT Consultant Data Backup Unified Threat Management Ransomware Artificial Intelligence Humor Saving Time Avoiding Downtime Maintenance Hard Drives Facebook App Encryption Customer Relationship Management Antivirus Windows 8 Business Growth Risk Management Employer-Employee Relationship Customer Service Hacking Apps Computers Application Virus Data Recovery Phone System Collaboration Fax Server Two-factor Authentication Outlook Health Automation Office Tips Retail Phishing Marketing Document Management Excel IT service Digital Payment Applications Chrome Data Security PowerPoint VPN Tablet Cybersecurity Office 365 iPhone Password Training Administration Augmented Reality User Error Presentation Co-Managed IT Budget Computer Repair Proactive IT Project Management Recovery Mouse Money Running Cable Social Net Neutrality Licensing Router Mobile Device Inbound Marketing Wireless Data storage Cybercrime File Sharing Save Time Paperless Office Wearable Technology Social Networking Wi-Fi Robot Unified Communications Hiring/Firing Printing Display Alerts Tip of the week End of Support LiFi Website Computing HIPAA Statistics Mobility Intranet Competition Business Intelligence Government Network Congestion Downtime Help Desk Search Files Virtual Desktop USB Mobile Security Piracy Business Owner Redundancy Sports Hacker User Point of Sale Programming Analyitcs Bandwidth Education Managed IT Services Safety Specifications Hosted Solution IBM Scam Settings Flexibility Memory Scheduling Data loss communications Data Warehousing Laptop Productivity Hacks Staff Conferencing Software as a Service Windows 10 Documents Entrepreneur Microsoft Excel Techology Halloween PC Care Travel Undo Operations Value People Technology Tips 5G PDF Scary Stories Virtual Reality Blockchain eBay Disaster Resistance Leadership Remote Support Skype Streaming Media Comparison New Additions Server Management Monitors SaaS Deep Learning Print Server Permissions Text Messaging IT Consulting Work Station Macro Domains Google Wallet IT Technicians LinkedIn Black Friday Congratulations Fun Writing Word Law Firm IT Fraud Video Surveillance Data Breach Recycling Cloud Computing Public Speaking Drones Windows 8.1 Update Mirgation Best Available eWaste Buisness Cyber Monday Vulnerability Cortana Social Engineering Telephony Identities Gaming Console Internet Exlporer Technology Laws Software Tips Backups Environment CIO Smart Technology Virtual Private Network Knowledge Solid State Drive Bluetooth Unified Threat Management Samsung Legal Online Currency Troubleshooting Debate Distributed Denial of Service Experience Compliance Private Cloud Heating/Cooling Alt Codes Hotspot Computer Accessories Access Control Crowdfunding Infrastructure Consumers YouTube Adminstration Managed IT Service Regulations Public Cloud Typing 3D Language SharePoint Twitter Google Calendar IT Support IP Address Google Drive Company Culture Break Fix Business Technology How To Sync Refrigeration Cryptocurrency Disaster Computing Infrastructure Touchscreen Downloads Legislation Google Docs Dark Web Networking Mobile Device Managment Cost Management Bitcoin Digital Signature Cooperation Multi-Factor Security

      Top Blog

      Basically, any machine that uses fans and vents to cool itself can overheat if airflow is restricted. If you have used a laptop on your lap for an extended session, then you know what we are talking about when the computer becomes hot to the touch. Every portable device is designed a little diffe...
      QR-Code