Your browser is obsolete!

The page may not load correctly.

  • add to favourites
    Add to Bookmarks

Holes left unpatched

Read: 631 Comments: 3 Rating: 8

Today we’re offering you a short issue about why vulnerabilities can be so persistent. Let's take the June ransomware outbreak as an example.

After the upheaval caused by Trojan.Encoder.11432 (WannaCry), it might appear as if only people living in a bubble haven’t heard about the SMB v1 vulnerability, and that by now it must have been patched or the protocol must have been disabled. However, Trojan.EternalRocks.1 and Trojan.Encoder.11536 (UIWIX) ravaged computers right after the WannaCry outbreak. That was despite the fact that the vulnerabilities should have been closed. How could this happen?

Let's assume we are reluctant to update our software and want to disable obsolete services.

Once smbv1 was disabled, our Kyocera printers stopped uploading scanned images into a share.

And our visual foxpro database, which serves 1,000+ users and operates over smb 2.0+, is corrupting files for some reason despite all of our efforts which include disabling oplock. So no, we didn't disable it.

https://habrahabr.ru/company/pc-administrator/blog/331906

Every system administrator has had to use some tricks. And a company’s management is unlikely to allocate additional finds to replace still working equipment merely because it uses an obsolete protocol.

As a result, old things remain in use. A ragged coat can still serve its master!

#vulnerability #exploit #Trojan.Encoder #encryption_ransomware #corporate_security #security_updates

Dr.Web recommends

Alas, reservations that system administrators have about updates are not unsubstantiated. Sometimes updates carry risks.

Some remote server connection programs, such as Steam, Bluestacks, Nox, and game servers, no longer work. But the browser works just fine.

It will be difficult for home users to avoid situations like this, but corporate customers can test updates before they are applied in their networks. Dr.Web Enterprise Security Suite has this feature too.

#drweb

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.

[Twitter]

Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments