MSP Blog Logo

BDR

Business Growth

Cybersecurity

Help Desk

MDM

RMM

Sales & Marketing

Subscribe

Empowering Your MSP Business to Grow and Prosper—One Post at a Time

5 Ways to Improve Your MSP Service Level Agreement (SLA)

Featured Post

5 Ways to Improve Your MSP Service Level Agreements (SLAs)

SLAs are the foundation of your MSP business. They are essential to building strong client relationships and must be clear, reasonable and well-constructed.

Read Now

11 Must-Know 'Critical' Patch Updates

Posted February 26, 2015by Brandon Garcin

critical-patch-updates-since-december


Over the past few months, we’ve seen the monthly ‘Patch Tuesday’ release several patch updates that have been rated ‘Critical.’ Whether you deploy your patches manually or automatically, it’s important for MSPs to stay up-to-date on recent 'Critical' patching updates. Your clients are depending on it!

Here are 11 of the most notable ‘Critical’ patch updates since December. 

December:

Microsoft

This patch takes care of the VBScript and ASLR vulnerabilities by addressing the way Internet Explorer stores objects in memory, preventing XSS filters from disabling HTML attributes and correctly installing the ASLR (security) and VBScript (memory) feature. 
       
This was classified as a critical update for Windows clients running Internet Explorer (IE) 6, 7, 8, 9, 10, and 11.  According to the executive summary, this patch was released after a total of 14 vulnerabilities were reported. Successful attackers, for instance, were able to gain user rights on the system parallel to the current users.
       
Microsoft released this patch update for Word and cloud based apps for Microsoft Office Web App Services. Before it was corrected, attackers could gain access to systems after users clicked on a Word file to remotely execute security code scenarios. Additionally, this executive summary explains how the attackers were able to view, change, or delete data, and create new accounts with full access. 
       
This was a critical update for running editions of Microsoft Word 2007, 2010, 2013, 2013 RT, 2011 edition for Mac, Word Viewer, Office Compatibility Pack, and for Web App Servers, and SharePoint Server 2013.
       
This patch update impacts Microsoft’s older systems including Windows 7, Vista, and Server 2003 and 2008. This was a critical update for versions still running VBScript Engine, since more current versions are running by PowerShell. Attackers exploited the vulnerability when users visited a page on the web or accessed malicious Office documents. As a result, attackers could then obtain the same user rights as the current user. 
       
Adobe

This was Adobe’s most critical update for December, reporting six vulnerabilities affecting Flash Player for Windows, Mac, and Linux operating systems. All vulnerabilities reported included the attacker having the ability to perform remote actions on the compromised system.
       
This update corrected 20 vulnerabilities reported for Adobe Reader and Acrobat. The patch included updates for both Windows and Mac operating systems.

 

January

Microsoft

This patch update for vulnerabilities reported in Windows Telnet service was Microsoft’s only critical update for the month of January. The issue was due to malign Telnet packets being sent to a Windows Server. Telnet had improperly authorized the memory location, giving attackers access and the capability to run random code executions on a server.
       
According to the executive summary, the following Windows operating systems affected include Windows 7, Server 2008 R2, 8, Server 2012, RT, 8.1, Server 2012 R2, and RT 8.1.

 

Adobe

Affecting Windows and Mac versions, Adobe issued this update for Flash Player version 16.0.0287 to stop attackers from performing ‘drive-by download’ attacks to crash and take control of the system when using Internet Explorer and Firefox.


 Are you practicing safe patching?


 

February

Linux

CVE-2015-0235 aka “GHOST bug”
Similar to the Heartbleed and Shellshock bugs we once sung about, the GHOST bug has been vulnerable on Linux systems for quite some time now, and was finally resolved in February. This was a huge concern for Linux systems users because this vulnerability allowed attackers to take control of the system, without needing any IDs or passwords. This vulnerability existed in any Linux system with glibc, according to a blog posted on Ars Technica in January.
       
To exploit this vulnerability, a hacker needed to gain access by performing a DNS resolution, allowing the attacker to perform user privileges and take over the entire system.
 

Microsoft

40 vulnerabilities were reported for this patch update in Internet Explorer. Attackers who successfully directed users to view a specific web page, could gain access to the system that the user was logged-in to and perform malicious actions
       
This patch update applied for Windows clients using Internet Explorer 6, 7, 8, 9, 10, and 11.
       
MS15-010 fixes vulnerabilities in the Windows Kernel mode driver, which could allow for remote code access and operation if exploited in the Win32k.sys.
       
Specifically, this occurs when the driver improperly handles error checking related to TrueType fonts. Systems made vulnerable to this were 64bit users of Windows Servers 2008 R2 and Windows 7, and 32-bit users of Windows 7.
       
This security patch fixes the vulnerability of a user’s domain configured system to join the attacker's network, giving the attacker complete access and control of the user's network.
       
Several Windows editions were rated critical for this update, including Windows Server 2003, Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, and several more in the full report.

Any comments or questions about these patch updates? Let us know below!

If you're not keeping up with patch updates, your clients could be in real danger...


eBook-Dodging-Danger-5-Hidden-MSP-Pitfalls-and-How-to-Avoid-Them

Brandon Garcin is Continuum's Senior Content Strategist, and is responsible for the creation and execution of a variety of resources designed to win new business and support existing customer accounts. He has authored more than a dozen eBooks which have generated thousands of downloads, and has consulted with hundreds of Continuum partners to help improve their marketing and lead generation efforts through website optimization and content development. Brandon is also the host of The Weekly Byte, a video and audio series produced by Continuum that provides quick, digestible tips and best practices that MSPs can use to help their business succeed.

RMM 101: Must-haves for Your IT Management Solution
MSP Guide to Managed Services SLAs  [white paper]
comments powered by Disqus