New Microsoft Windows Operating Systems Vulnerabilities
As several news outlets have reported, new Microsoft Windows operating systems vulnerabilities have been revealed, impacting both desktops and servers. These vulnerabilities are potentially wormable, meaning viruses and malware could be spread without any action taken by the user. Most Windows devices in use today could be at risk; however, there is no evidence that these vulnerabilities have been exploited at all to-date. Shortly after they were revealed to the public, Microsoft released patches to mitigate these security issues.
What Should You Do?
You’ve got some patching to do! Nextrio recommends that you ensure all Microsoft patches are up-to-date on all servers and workstations. Users should also be vigilant about updating all personal computers and non-work devices.
Nextrio also recommends that you remind users about email and Internet usage best practices. While these particular vulnerabilities are not directly related to user behavior, lack of awareness among users can certainly make exploiting these and other vulnerabilities easier and more destructive. Users should be on guard against unexpected emails from known sources and unexpected, legitimate appearing emails from banking institutions, credit card companies, package carriers, etc. Lastly, users should not click on links or attachments in emails that are not explicitly business-related and sent from a known source.
More information on these vulnerabilities can be found on Microsoft’s Website.
- Remote Desktop Services Remote Code Execution Vulnerability: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182
- Windows ALPC Elevation of Privilege Vulnerability:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1162
Nextrio offers a suite of services with proactive prevention to manage your workstations and servers. Contact us today at 520-519-6301 to learn more about how Nextrio can help you!