crn5000-inc2015 BPTW logo
Contact us today!
(918) 770-8738
 
 

Integrated Business Technologies Blog

Integrated Business Technologies has been serving the Broken Arrow area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Your Search Bar Is Now More Secure

August saw yet another Patch Tuesday designed to resolve security issues in Microsoft products. Out of the 48 vulnerabilities resolved, 15 affected Windows, while 25 were rated as critical, 21 as important, and 27 that allowed for remote code execution. This might sound a little overwhelming, so we’ll try to simplify it a bit--a lot of flaws were fixed, and the majority of them can be considered dangerous for your organization.

Since only 15 affected Windows itself, you might be wondering where the others were applied. Other Microsoft products, including Internet Explorer, Microsoft Edge, Sharepoint, SQL Server, Hyper-V, and Kernel, all required a response from the developer. Only two of these flaws affected all versions of Windows and Windows Server, yet none of them were being exploited in the wild by hackers trying to find their next victim.

There is one vulnerability, however, that should require your immediate attention, and this is the one which targets the Windows Search function in your device. The vulnerability in question, CVE-2017-8620, can be exploited remotely via Server Management Block (SMB) to take over a system. This includes both a Windows workstation or a Windows Server unit. Thankfully, the flaw doesn’t exist in SMB itself, and is unaffected by the dangerous threats like the WannaCry ransomware and NotPetya.

According to the Windows advisory, the vulnerability is exploited through the way that Windows Search handles objects in memory. Basically, hackers can send specialized messages through Windows Search to change user permissions. Once they have done so, the possibilities are limitless. Hackers could install, remove, or change applications on the targeted device, as well as view, change, or delete data stored on it. Even scarier is the ability to create an entirely new account with full administrator privileges.

This type of vulnerability is something out of a hacker’s dream, allowing them to take full advantage of a victim’s computer with relatively little trouble. The good news is that as long as you apply the required patches and security updates, the issue can be resolved easily enough. How does your organization combat vulnerabilities? You need to implement patches and security updates in at least some capacity, as not doing anything at all is a recipe for disaster--especially with a threat as thorough as the one mentioned above. Thankfully, there is a solution for organizations that either don’t have the time or the resources to implement patches in a timely manner.

Outsourced IT services, including remote patching and maintenance, can be acquired by organizations of all sizes, without breaking your budget or dragging down operations due to maintenance. You can take advantage of enterprise-level solutions designed to help your organization optimize security, without hiring an internal IT department and adding new salaries to your budget. Integrated Business Technologies can help your business identify and repair weaknesses in its computing infrastructure. To learn more, reach out to us at (918) 770-8738.

Our clients that are subscribed to our Managed IT services will be covered and will be getting the Windows updates once it has been fully tested.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 20 June 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      freeconsultation
       

      Tag Cloud

      Security Technology Tip of the Week Privacy Business Management Managed Service Provider Cloud Internet Microsoft Saving Money Business Computing Productivity Best Practices Workplace Tips IT Services Hackers Hosted Solutions Backup Email Mobile Devices Malware Software Business IT Support Small Business Hardware Network Data Server Smartphones Communication Upgrade Windows Business Continuity VoIP Mobile Device Management Computer Efficiency Microsoft Office Disaster Recovery Google Virtualization Vendor Management Miscellaneous Innovation Mobile Office Gadgets Social Media Holiday Outsourced IT User Tips Quick Tips Passwords Mobile Computing BYOD Android Smartphone Browser Network Security WiFi Data Backup Windows 10 Best Practice Internet of Things The Internet of Things Managed IT services Remote Monitoring Ransomware Bring Your Own Device Spam Alert Users Data Management Trending Wireless Technology Operating System Apple Tech Term Remote Computing Firewall Save Money Content Filtering Data Recovery Going Green Artificial Intelligence History Gmail Big Data App Office Analytics Customer Relationship Management IT Solutions Unified Threat Management Lithium-ion Battery IT Consultant Encryption Printer Tech Support Information Technology Current Events Managed IT Avoiding Downtime Employer-Employee Relationship Maintenance Hard Drives Facebook Windows 8 Cloud Computing Router Antivirus Document Management Humor Applications Saving Time Paperless Office Managed IT Services Virus Website Customer Service Hacking Computers Fax Server Phone System Outlook Health Collaboration Cybersecurity Two-factor Authentication Compliance Marketing Automation Excel Office Tips Retail Phishing IT service Mobile Device Digital Payment Chrome Business Growth VPN Apps Risk Management Application Tablet Office 365 iPhone User Error Password Project Management Co-Managed IT Government Administration Presentation Augmented Reality Budget Data Security Computer Repair Proactive IT Regulations Recovery Inbound Marketing Mouse Money Bandwidth Running Cable Social Net Neutrality Licensing Infrastructure PowerPoint Social Networking Wi-Fi Unified Communications Training End of Support LiFi HIPAA Computing Statistics Data loss Help Desk Redundancy Intranet Business Intelligence Competition Network Congestion Recycling Downtime Internet Exlporer eWaste Smart Technology Search Mobile Security Files Virtual Desktop USB Piracy Mobility Business Owner Sports Hacker User Point of Sale Programming Tip of the week Scam Twitter Company Culture Analyitcs Education Safety Specifications Hosted Solution IBM Settings Flexibility Cost Management Wireless Data storage Cybercrime File Sharing Save Time Wearable Technology Robot Hiring/Firing Vulnerability Productivity Printing Display Alerts Value People Management Blockchain 5G PDF eBay Virtual Private Network Scary Stories Virtual Reality Technology Laws Leadership Travel Comparison Remote Support Nanotechnology Streaming Media Enterprise Resource Planning New Additions Permissions Monitors Skype Deep Learning Print Server Gaming Console Text Messaging IT Technicians SaaS Unified Threat Management Screen Reader BDR Black Friday Domains Google Wallet Work Station Mobile Congratulations Assessment Fraud Fun Writing LinkedIn Access Control Word Law Firm IT Video Surveillance Mirgation Smart Tech Identity Theft Cyber Monday Public Speaking Drones Windows 8.1 Update Managing Stress IT Management Cortana Social Engineering Best Available Buisness Telephony SharePoint Identities Business Technology Storage Connectivity Backups CIO Enterprise Content Management Adminstration Network Management Knowledge Environment Downloads Solid State Drive Bluetooth 3D Networking Migration IoT Distributed Denial of Service Legal Online Currency Samsung Troubleshooting Debate Windows 10 Hotspot Experience Machine Learning Multi-Factor Security Heating/Cooling Alt Codes Computer Accessories Chatbots Crowdfunding Star Wars Managed IT Service Consumers YouTube Language Private Cloud Google Calendar Typing Techology Identity Utility Computing Scheduling Software Tips Break Fix IP Address Google Drive Server Management Computing Infrastructure How To Public Cloud Legislation Refrigeration Cryptocurrency Disaster Touchscreen Disaster Resistance Healthcare Dark Web Google Docs Cooperation Sync Bitcoin Digital Signature IT Consulting Motherboard Memory Hard Drive Data Warehousing communications Patch Management Staff Laptop Mobile Device Managment Software as a Service Hacks Modem Conferencing Cache IT Support Microsoft Excel Documents Entrepreneur Operations Halloween Data Breach PC Care Technology Tips Undo Cookies Macro

      Top Blog

      Basically, any machine that uses fans and vents to cool itself can overheat if airflow is restricted. If you have used a laptop on your lap for an extended session, then you know what we are talking about when the computer becomes hot to the touch. Every portable device is designed a little diffe...
      QR-Code