New year, new patches!

New Year’s resolutions? Upgrading your OS may need to be top of the list!

Although Tue 14th January marks the first Patch Tuesday of the decade, for the security community it will be forever known as the day Microsoft ceased support for Windows 7.

Microsoft has been reducing support for older OS versions for some time now. However, after today they will no longer be providing patches, updates or indeed technical assistance.

If a new security vulnerability or software bug is discovered, Microsoft will not be releasing a patch for Windows 7. This leaves users who fail to upgrade their OS much more vulnerable to cyber-attacks.

There is clear evidence that hackers specifically target operating systems that have reached end of life; they know that an unpatched and unsupported OS offers a wealth of opportunity for them and they see Windows 7 as yet another potential feast.

It is therefore critical to use this month as an opportunity to upgrade any remaining Windows 7 PC to a later version of Windows 10, which offers a much more secure OS. The days of ‘if it’s not broken, don’t fix it’ are very long gone and it’s more important than ever to ensure you are protected by the latest security updates.

Microsoft have also released fixes for 49 other vulnerabilities: 7 critical, 41 important and 1 moderate. The patches cover several Microsoft products, including Windows, IE, OneDrive for Android and Microsoft Dynamics, to name a few. The most talked about vulnerability is undoubtedly the CryptoAPI Spoofing vulnerability (CVE-2020-0601), first reported by the NSA.

CryptoAPI Spoofing (CVE-2020-0601)

Although this is still only listed as important, this vulnerability shouldn’t be ignored. If exploited, an attacker can perform man-in-the-middle attacks by creating a code-signing certificate and pointing it at a malicious executable, making it look like the malicious file is from a trusted source.

Windows RD Gateway Vulnerabilities (CVE-2020-0609/CVE-2020-0610)

Both vulnerabilities exist in the Windows RD Gateway Server, allowing an unauthenticated attacker to connect to the RD Gateway using RDP and send crafted requests that trigger the execution of arbitrary code.

Remote Desktop Client Remote Code Execution Vulnerability (CVE-2020-0611)

This is another critical vulnerability, this time in the Windows Remote Desktop Client. It can be exploited by an attacker by connecting to a vulnerable host through RDP. If exploited, an attacker can connect to the host as the user, allowing them to install software and even modify data.

Ruairi Corrgian, Vulnerability Management

Options works closely with clients to actively patch any and all vulnerabilities – it is imperative that operating systems and 3rd party software products are kept up to date. Security doesn’t end with vulnerability patching; well-trained employees and a strong supporting security team are also essential. We continuously roll out rigorous training programs alongside numerous platform security enhancements, in addition to new cybersecurity initiatives to safeguard our clients’ data. For the latest on our Security, Intelligence and Analytics product offering, download our product sheet here.
