crn5000-inc2015 BPTW logo
Contact us today!
(918) 770-8738
 
 

Integrated Business Technologies Blog

Integrated Business Technologies has been serving the Broken Arrow area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Your Search Bar Is Now More Secure

August saw yet another Patch Tuesday designed to resolve security issues in Microsoft products. Out of the 48 vulnerabilities resolved, 15 affected Windows, while 25 were rated as critical, 21 as important, and 27 that allowed for remote code execution. This might sound a little overwhelming, so we’ll try to simplify it a bit--a lot of flaws were fixed, and the majority of them can be considered dangerous for your organization.

Since only 15 affected Windows itself, you might be wondering where the others were applied. Other Microsoft products, including Internet Explorer, Microsoft Edge, Sharepoint, SQL Server, Hyper-V, and Kernel, all required a response from the developer. Only two of these flaws affected all versions of Windows and Windows Server, yet none of them were being exploited in the wild by hackers trying to find their next victim.

There is one vulnerability, however, that should require your immediate attention, and this is the one which targets the Windows Search function in your device. The vulnerability in question, CVE-2017-8620, can be exploited remotely via Server Management Block (SMB) to take over a system. This includes both a Windows workstation or a Windows Server unit. Thankfully, the flaw doesn’t exist in SMB itself, and is unaffected by the dangerous threats like the WannaCry ransomware and NotPetya.

According to the Windows advisory, the vulnerability is exploited through the way that Windows Search handles objects in memory. Basically, hackers can send specialized messages through Windows Search to change user permissions. Once they have done so, the possibilities are limitless. Hackers could install, remove, or change applications on the targeted device, as well as view, change, or delete data stored on it. Even scarier is the ability to create an entirely new account with full administrator privileges.

This type of vulnerability is something out of a hacker’s dream, allowing them to take full advantage of a victim’s computer with relatively little trouble. The good news is that as long as you apply the required patches and security updates, the issue can be resolved easily enough. How does your organization combat vulnerabilities? You need to implement patches and security updates in at least some capacity, as not doing anything at all is a recipe for disaster--especially with a threat as thorough as the one mentioned above. Thankfully, there is a solution for organizations that either don’t have the time or the resources to implement patches in a timely manner.

Outsourced IT services, including remote patching and maintenance, can be acquired by organizations of all sizes, without breaking your budget or dragging down operations due to maintenance. You can take advantage of enterprise-level solutions designed to help your organization optimize security, without hiring an internal IT department and adding new salaries to your budget. Integrated Business Technologies can help your business identify and repair weaknesses in its computing infrastructure. To learn more, reach out to us at (918) 770-8738.

Our clients that are subscribed to our Managed IT services will be covered and will be getting the Windows updates once it has been fully tested.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 19 September 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      freeconsultation
       

      Tag Cloud

      Security Technology Tip of the Week Privacy Managed Service Provider Business Management Internet Cloud Microsoft Best Practices Business Computing Saving Money Productivity Workplace Tips IT Services Hosted Solutions Hackers Backup Email Malware Mobile Devices Business Software Data IT Support Hardware Small Business Network Communication Server Smartphones VoIP Upgrade Computer Google Windows Business Continuity Mobile Device Management Efficiency Innovation Virtualization Microsoft Office Disaster Recovery Miscellaneous Mobile Office Vendor Management Gadgets Holiday Social Media Tech Term Outsourced IT BYOD User Tips Quick Tips Data Backup Passwords Smartphone Network Security Mobile Computing Android Internet of Things Windows 10 Managed IT services WiFi Bring Your Own Device Browser The Internet of Things Best Practice Spam Remote Monitoring Ransomware Alert Save Money Trending Operating System Data Management Users Apple Remote Computing Wireless Technology Data Recovery Gmail Going Green Firewall Content Filtering Unified Threat Management Artificial Intelligence History Router Printer Tech Support Current Events Information Technology Encryption Analytics IT Solutions Lithium-ion Battery Big Data Facebook IT Consultant Office Cloud Computing App Customer Relationship Management Managed IT Humor Employer-Employee Relationship Saving Time Website Avoiding Downtime Maintenance Collaboration Two-factor Authentication Hard Drives Antivirus Paperless Office Document Management Windows 8 Applications Productivity IT Support IT service Managed IT Services Chrome Business Growth Wi-Fi Phone System Customer Service Compliance Apps Hacking Computers Application Cybersecurity Virus Bandwidth Fax Server Outlook Health Automation Office Tips Digital Payment Mobile Device Retail Phishing VPN Marketing Risk Management Excel Licensing Inbound Marketing Tablet Government Managed Service iPhone Office 365 Administration Project Management Training Augmented Reality Password Regulations Proactive IT User Error Computer Repair Presentation Point of Sale Co-Managed IT Mouse Data Security Budget Net Neutrality Social Unified Communications Recovery Money Infrastructure File Sharing PowerPoint Running Cable Social Networking Settings Scam Alerts Cost Management Display Wireless Vulnerability Cybercrime Save Time Information Blockchain Data loss Hiring/Firing HIPAA Intranet BDR Business Intelligence Redundancy Recycling Statistics Files Internet Exlporer Competition Piracy Network Congestion Storage Smart Technology Mobility Downtime Mobile Security Help Desk eWaste Sports IoT Flexibility Search Hosted Solution Virtual Desktop USB Company Culture Twitter Business Owner Data storage Tip of the week Hacker Robot User Programming IBM Printing Healthcare Analyitcs End of Support Education LiFi Computing Wearable Technology Safety Specifications SaaS Cables Deep Learning Staff IT Consulting Patch Management Software as a Service PC Care G Suite Remote Workers Digital Signature Google Wallet Modem Cache Memory Microsoft Excel Scheduling Value Writing Chromebook Wires Operations Data Breach Laptop eBay Technology Tips Remote Support Leadership Travel Drones Cookies Social Engineering Management Buisness Skype Streaming Media New Additions Documents Virtual Private Network Entrepreneur Identities Print Server Technology Laws Halloween Text Messaging Comparison Work Station Undo Monitoring Backups Nanotechnology Enterprise Resource Planning People CIO LinkedIn Permissions 5G Congratulations How To PDF Video Surveillance Telephony MSP Solid State Drive IT Technicians Law Firm IT Unified Threat Management Scary Stories Windows 8.1 Update Black Friday Identity Theft Consulting Legal Screen Reader Mobile Best Available Fraud Assessment Proactive Alt Codes Mirgation Access Control Cyber Monday Macro Domains Managed Services Provider Smart Tech Managing Stress YouTube Fun IT Management Business Technology Word Machine Learning Remote Monitoring and Management Typing Bluetooth SharePoint Online Currency Public Speaking Google Drive E-Commerce Connectivity How To Enterprise Content Management Cortana Network Management Computer Accessories Networking Private Cloud WPA3 Cryptocurrency Migration Gaming Console Downloads Distributed Denial of Service Google Docs Features Environment Vulnerabilities Hotspot Knowledge Windows 10 Public Cloud Fleet Tracking Bitcoin Chatbots Multi-Factor Security Samsung Managed IT Service Software Tips Electronic Health Records Star Wars Troubleshooting Geography Debate communications Language Experience Touchscreen Heating/Cooling Sync Asset Tracking Hacks Identity Google Calendar Crowdfunding Break Fix Consumers Utility Computing High-Speed Internet Computing Infrastructure Adminstration Techology Server Management Mobile Device Managment OneNote 3D Legislation Dark Web IP Address Virtual Reality Development Cooperation Disaster Resistance Refrigeration Employee-Employer Relationship Disaster Motherboard Hard Drive Data Warehousing Conferencing Monitors

      Top Blog

      Basically, any machine that uses fans and vents to cool itself can overheat if airflow is restricted. If you have used a laptop on your lap for an extended session, then you know what we are talking about when the computer becomes hot to the touch. Every portable device is designed a little diffe...
      QR-Code