crn5000-inc2015 BPTW logo
Contact us today!
(918) 770-8738
 
 

Integrated Business Technologies Blog

Integrated Business Technologies has been serving the Broken Arrow area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Your Search Bar Is Now More Secure

August saw yet another Patch Tuesday designed to resolve security issues in Microsoft products. Out of the 48 vulnerabilities resolved, 15 affected Windows, while 25 were rated as critical, 21 as important, and 27 that allowed for remote code execution. This might sound a little overwhelming, so we’ll try to simplify it a bit--a lot of flaws were fixed, and the majority of them can be considered dangerous for your organization.

Since only 15 affected Windows itself, you might be wondering where the others were applied. Other Microsoft products, including Internet Explorer, Microsoft Edge, Sharepoint, SQL Server, Hyper-V, and Kernel, all required a response from the developer. Only two of these flaws affected all versions of Windows and Windows Server, yet none of them were being exploited in the wild by hackers trying to find their next victim.

There is one vulnerability, however, that should require your immediate attention, and this is the one which targets the Windows Search function in your device. The vulnerability in question, CVE-2017-8620, can be exploited remotely via Server Management Block (SMB) to take over a system. This includes both a Windows workstation or a Windows Server unit. Thankfully, the flaw doesn’t exist in SMB itself, and is unaffected by the dangerous threats like the WannaCry ransomware and NotPetya.

According to the Windows advisory, the vulnerability is exploited through the way that Windows Search handles objects in memory. Basically, hackers can send specialized messages through Windows Search to change user permissions. Once they have done so, the possibilities are limitless. Hackers could install, remove, or change applications on the targeted device, as well as view, change, or delete data stored on it. Even scarier is the ability to create an entirely new account with full administrator privileges.

This type of vulnerability is something out of a hacker’s dream, allowing them to take full advantage of a victim’s computer with relatively little trouble. The good news is that as long as you apply the required patches and security updates, the issue can be resolved easily enough. How does your organization combat vulnerabilities? You need to implement patches and security updates in at least some capacity, as not doing anything at all is a recipe for disaster--especially with a threat as thorough as the one mentioned above. Thankfully, there is a solution for organizations that either don’t have the time or the resources to implement patches in a timely manner.

Outsourced IT services, including remote patching and maintenance, can be acquired by organizations of all sizes, without breaking your budget or dragging down operations due to maintenance. You can take advantage of enterprise-level solutions designed to help your organization optimize security, without hiring an internal IT department and adding new salaries to your budget. Integrated Business Technologies can help your business identify and repair weaknesses in its computing infrastructure. To learn more, reach out to us at (918) 770-8738.

Our clients that are subscribed to our Managed IT services will be covered and will be getting the Windows updates once it has been fully tested.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 17 October 2017
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      freeconsultation
       

      Tag Cloud

      Security Technology Privacy Business Management Managed Service Provider Tip of the Week Internet Microsoft Saving Money Cloud Productivity Business Computing Workplace Tips Backup Best Practices IT Services Hackers Hosted Solutions IT Support Network Mobile Devices Hardware Business Email Malware Software Small Business Data Communication Smartphones Windows Server Upgrade Business Continuity Mobile Device Management Microsoft Office VoIP Virtualization Efficiency Disaster Recovery Google Computer Miscellaneous Mobile Office Gadgets Vendor Management Social Media Quick Tips Innovation Mobile Computing Holiday Windows 10 WiFi Best Practice Passwords User Tips BYOD Smartphone Bring Your Own Device Users Remote Monitoring Wireless Technology Trending Operating System Apple Spam Android History Internet of Things Alert The Internet of Things Going Green Content Filtering Remote Computing Big Data Firewall Office Managed IT services Unified Threat Management Network Security Browser IT Solutions Lithium-ion Battery Save Money IT Consultant Current Events Information Technology Avoiding Downtime Data Management Hard Drives App Customer Relationship Management Ransomware Analytics Windows 8 Facebook Printer Tech Support Gmail Humor Saving Time Artificial Intelligence Virus Outsourced IT Collaboration Maintenance Fax Server Outlook Health Office Tips Retail Phone System Phishing Marketing Excel IT service Business Growth Managed IT Data Backup Antivirus Customer Service Apps Hacking Application Computers VPN PowerPoint Risk Management Presentation Co-Managed IT Budget Automation iPhone Recovery Administration Running Cable Router Inbound Marketing Computer Repair Proactive IT Employer-Employee Relationship Social Digital Payment Password Mobile Device Training Files Competition Network Congestion File Sharing Social Networking Help Desk Downtime Data Recovery Two-factor Authentication User Error Display Tablet Search USB Virtual Desktop Business Owner Hacker Encryption Intranet Business Intelligence User Programming Project Management Analyitcs Money Cybersecurity Education Safety Augmented Reality Mobility Settings Licensing Piracy Wireless Hosted Solution Chrome Cybercrime Save Time Sports Data storage Point of Sale Hiring/Firing Robot Mouse Printing Document Management End of Support Website Net Neutrality LiFi Statistics IBM Fun Deep Learning Tip of the week Google Wallet Word Public Speaking Technology Laws Wearable Technology Writing Private Cloud Cortana Conferencing eWaste Drones Gaming Console Alerts Buisness PC Care Unified Threat Management Social Engineering Public Cloud Knowledge Value Identities Environment Virtual Private Network Backups eBay Remote Support CIO Leadership Samsung Skype Sync Experience Streaming Media Solid State Drive Troubleshooting New Additions Debate Redundancy Print Server Legal Heating/Cooling Text Messaging Work Station Consumers Crowdfunding Compliance LinkedIn Mobile Device Managment Alt Codes Adminstration Congratulations Law Firm IT 3D Video Surveillance IP Address Recycling YouTube Windows 8.1 Update Regulations Best Available Typing Disaster Networking Google Drive Refrigeration Bandwidth Specifications How To Cryptocurrency Scam Digital Signature Data Security Bluetooth Google Docs Cost Management Scheduling Memory Online Currency Flexibility Software Tips Laptop Bitcoin Techology Computer Accessories Wi-Fi communications Documents Halloween Hacks Entrepreneur Disaster Resistance Undo SaaS 5G Twitter Unified Communications PDF People Company Culture Managed IT Services Scary Stories IT Consulting Touchscreen Telephony Office 365 Data loss Computing Macro Data Breach Monitors Domains

      Top Blog

      Basically, any machine that uses fans and vents to cool itself can overheat if airflow is restricted. If you have used a laptop on your lap for an extended session, then you know what we are talking about when the computer becomes hot to the touch. Every portable device is designed a little diffe...
      QR-Code