Earlier this year in January and February, Microsoft issued emergency security updates for vulnerabilities in Windows 7 and Server 2008 R2 machines. These patches were to counter the chip vulnerabilities found in Intel x64 processors late last year. This series of patches were coined the Meltdown patches.
The problem?
Unfortunately, in hustling to get a patch ready, Microsoft left major vulnerabilities to your network if you or your IT support team had simply applied the Meltdown patch!
In fact, these patches blew gaping holes in your entire Windows operating system.
The issue with the Meltdown patch was that it let normal applications and log-in users to access and modify any part of the physical RAM, giving them complete control over the computer—and this was with the Meltdown update applied! This meant that hackers could have carte blanche read-write privileges to your entire system.
[Note: just a reminder that these flaws are only for Windows 7 and Server 2008 R2. If you’ve updated your platform past these versions, you are NOT impacted.]
Last month Microsoft released a patch to counter this Meltdown flaw.
As March rolled in, Microsoft pushed out fixes on Patch Tuesday addressing the vulnerabilities created in January and February updates.
There’s a continued problem?
The March update—meant to address the security issues with the Meltdown patch—didn’t quite do the trick. The bug remained in the kernel, meaning it could still be exploited by malicious software and cybercriminals.
What should you do if you’re still using Windows 7 or Server 2008 R2?
If you’ve applied the Microsoft Meltdown patch, you’ll want to make sure you’re up to date with Microsoft’s recent patch, CVE-2018-1038. If you’re a Dynamic Edge client, rest assured, this has been taken care of. If you’re not, contact us today and we can help you get that patch applied!
What’s the bigger take home about the Meltdown fiasco?
Your IT Support team needs to be security focused more than ever!
If your team simply expects operations as usual in 2018, they’re likely a bit too hopeful. If they’re inundated with supporting user requests and overlook patching… they probably are putting your business at risk.
If they’re simply applying patches without testing to see that patches are actually working, they aren’t doing enough to protect you from rather smart cybercriminals that have big incentives (big pay days) if they are able to hack into and hold your network ransom.
If they’re simply relying on Microsoft to protect you, realize that Microsoft had to put out a patch for a patch. If this happens again and your only line of defense was Microsoft, what are the chances you’d survive a big cyberattack?
Your IT Support team needs to be applying patches, certainly. But they also need to be thinking about how to comprehensively secure your network—keeping your users, business data and clients safe—without breaking the bank.
They need to have process and infrastructure as standards that ward off cyberattacks. They can’t be at the bottom of the barrel, simply patching vulnerabilities once they’ve become major problems for other businesses. Because who knows if your business might fall into the cyberattack headline next month?
How Do You Proactively Protect Your Business’ Network?
Patch Patch Patch—I cannot emphasize how important patching is. Most IT Support teams fail because they have to manually patch all of their clients whenever a new patch is released. This leads to mistakes. This prevents them from testing that the patches will work in your network’s specific environment. Dynamic Edge has proprietary automated patch application process that allows us to get your machines completely patched in a fraction of the time of manual patching, which allows for us to test that your patches are actually working.
Monitor Your Network—another big problem that I see when auditing prospective clients is that most IT Support teams rarely monitor their networks. Because they are inundated with user issues, they’re losing track on making sure malicious traffic isn’t penetrating your network.
Keep The Bad Guys Out—having a smart firewall that learns and effectively detects what bad traffic looks like as threats evolve is critical to making sure that your network is safe.
Evaluating Your Security—one of the best ways to know whether you’ll likely soon become a victim to ransomware attacks is to evaluate your risks. Ask us about our FREE 37 point ransomware assessment to make sure you’re on track to keep your business safe.
