Other issues in this category (35)
Holes left unpatched
Thursday, July 20, 2017
Today we’re offering you a short issue about why vulnerabilities can be so persistent. Let's take the June ransomware outbreak as an example.
After the upheaval caused by Trojan.Encoder.11432 (WannaCry), it might appear as if only people living in a bubble haven’t heard about the SMB v1 vulnerability, and that by now it must have been patched or the protocol must have been disabled. However,
Let's assume we are reluctant to update our software and want to disable obsolete services.
Once smbv1 was disabled, our Kyocera printers stopped uploading scanned images into a share.
And our visual foxpro database, which serves 1,000+ users and operates over smb 2.0+, is corrupting files for some reason despite all of our efforts which include disabling oplock. So no, we didn't disable it.
Every system administrator has had to use some tricks. And a company’s management is unlikely to allocate additional finds to replace still working equipment merely because it uses an obsolete protocol.
As a result, old things remain in use. A ragged coat can still serve its master!#vulnerability #exploit #Trojan.Encoder #encryption_ransomware #corporate_security #security_updates
The Anti-virus Times recommends
Alas, reservations that system administrators have about updates are not unsubstantiated. Sometimes updates carry risks.
Some remote server connection programs, such as Steam, Bluestacks, Nox, and game servers, no longer work. But the browser works just fine.
It will be difficult for home users to avoid situations like this, but corporate customers can test updates before they are applied in their networks. Dr.Web Enterprise Security Suite has this feature too.
Tell us what you think
To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.