In the February 2021 Patch Tuesday security update Microsoft fixed 56 flaws, one zero-day vulnerability and two remote code execution vulnerabilities in the Windows Fax Service. That’s right, someone can send you a fax and take over your Windows system.
While you might be tempted to think: ‘who sends faxes these days?’ that is the wrong question. Instead, Network Managers should ask themselves: What systems used to send and receive faxes a few years ago and could still have this feature enabled?
The removal of software or features that are no longer needed is a way to improve the security of a system by reducing its attack surface. All software contains bugs and security vulnerabilities – including some that have not been discovered yet. You harden the system’s security by removing software that is no longer needed thus removing the vulnerabilities associated with that software.
Vulnerability management not only involves the prompt installation of security patches, but also the removal of unsupported or no longer needed software in order to reduce the attack surface of each device on the network.
Check and Disable Windows Fax Service
Check if the Fax service is enabled on your system:
- Press Windows key + R on to open the Run dialog on Windows 10.
- Type services.msc to open the Services window.
- Locate the Fax service.
- If the Fax service is not listed the system is not vulnerable.
- If the Fax service is listed but the status is not Running, then the system is not currently vulnerable, but could be targeted if the service was started.
Microsoft provides details of how to remove the Fax service on their security advisory.