I’m not a fan of bugs. Not the spindly legged, ‘land on your face in the night’ kind that cause havoc in my life, and not the kind causing havoc on the internet either; which is why it’s great when you find and evict them – whether that’s from your bed, or your solution. There’s a new, potentially serious bug wriggling about in most Windows systems, and putting at risk encryption services (like https), that needs to be turfed out. So, if you use Windows in any capacity it’s vital you get rid of any unwanted visitors!
IBM has just identified a nineteen year old vulnerability that affects almost all versions of Microsoft Windows. It’s an unauthorised remote code execution bug, if you like to know the tech side of things; it’s something you need to make sure you’ve patched, if you don’t. Luckily there doesn’t seem to have been any exploits seen roaming around in the wild yet, but this may change within the next few days.
The tech stuff
Microsoft are keeping most of the details fairly hush at the moment, but in essence, it would basically involve a hacker sending “specially crafted” packets to a server, designed to exploit the vulnerability by eliciting a response that would allow them to run whatever code they wanted, without the credentials needed to do so.
Basically, if you run Windows, particularly if you have public facing sites, you are at risk.
What do I need to do?
A patch has already been issued, which is fab, and if you are a UKFast customer who has automatic updates it will be applied between now and Friday – you can pretty much kick back on this one (although it’s important to keep an eye on the situation in case anything changes).
If you prefer to do the work yourself and run manual Windows updates then we recommend applying the patch yourself as soon as you’re able; then and only then can you relax a bit!
It’s still early days so watch this space, but – as always – we recommend good security practice, patching and updating regularly, or setting your updates to automatic. So, protect yourself now, and make sure your Windows (and doors) are shut to cyber thieves!
For more information on how we can secure your solution take a look at our website or give us a call on 0800 045 4945. We also have some FAQs in MyUKFast on the latest big security scares.