In June 2020 Microsoft’s Patch Tuesday fixes a record 129 defects and vulnerabilities in its software – with a further 19 patches in the June Microsoft Office patch bundle. This continues a recent trend of ever-increasing numbers of patches included in the monthly updates from Microsoft (the two previous highest number of patches were inRead more
Blog
Microsoft has pushed back the end of support dates for a raft of software versions in order to ease the burden on stretched IT teams during the COVID19 pandemic. Organisations have to keep their systems updated with supported versions of software in order to benefit from the monthly security patches which are essential for networkRead more
April’s patch Tuesday release from Microsoft includes fixes for three zero-day vulnerabilities in Windows that are under active attack. CVE-2020-1020 is a flaw in the Windows Adobe Type Manager Library. According to Microsoft: For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10,Read more
Server hardening is a set of disciplines and techniques which improve the security of an ‘off the shelf’ server. Server Hardening is requirement of security frameworks such as PCI-DSS and is typically included when organisations adopt ISO27001. What is the attack surface The aim of server hardening is to reduce the attack surface ofRead more
Microsoft warns that attackers are targeting two zero-day remote code execution vulnerabilities that exist in all versions of Windows – and a fix is not expected until the April patch Tuesday. The vulnerabilities exist in the Adobe Type Manager library which is a standard Windows component used primarily by Windows Explorer to display previews ofRead more
Microsoft has released a patch to fix a remote code execution flaw in the SMB protocol affecting Windows 10 PC and their servers. SMB is used by Active Directory, for network file sharing and some printers. Microsoft have published a security advisory which details the scope of the flaw. The problem is the way the SMBv3Read more
Microsoft has released details of a zero-day remote code execution vulnerability which is being actively exploited to attack Windows computers. It affects all versions of Internet Explorer running on Windows 7, 8.1 and 10. The problems lies in one of the two javascript engines available within IE. Since a webpage can request IE to useRead more
In a recent whitepaper, Microsoft provides advice on how to spot RDP attacks in Windows event logs while the attack is still underway. The paper titled: “Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks” succinctly explains the risk posed by RDP servers when published to the internet:Read more
The last ever Windows 7 Patch Tuesday update also includes a fix to a long standing bug in the Windows cryptographic library (CryptoAPI) which could allow attackers to spoof digital certificates and conduct man-in-the-middle attacks. Microsoft has long warned that January 2020 was the end of support for Windows 7, meaning that this is expectedRead more
A novel attack vector has been seen in the wild: using OAuth permissions to compromise Office365 Accounts Reported by anti-phishing security firm PhishLabs, the new attack leverages the persistent permissions of OAuth authentication to get access to the target Office365 accounts without ever compromising the login credentials. The attack starts with a phishing email whichRead more
