February 2018 News and Updates

Cyber Tech Cafe


Executive Summary – Spectre and Meltdown dominated the news during the last update cycle but seem to be winding down.  The good news here is that strides are being made to mitigate the problem, including a Meltdown and Spectre Detector tool in Microsoft Windows Analytics.  The bad news though is that a number of other critical vulnerabilities in Microsoft Outlook and Adobe Flash Player have stepped up to take the place of Spectre and Meltdown.

News
  • DC770 In The News – DEF CON North Atlanta, or DC770, made the front page of the Cartersville Daily Tribune on Wednesday, 6 February 2018.  DC770 is a DEF CON group that meets monthly at Jefferson’s in Cartersville.  More information is available at the DC770 website and the article is available at the Daily Tribune here (note, this will go behind a pay wall after an undetermined amount of time).
  • Mailing List – The response to the new mailing list has been overwhelmingly positive.  We had a few logistical issues early on that we believe to be worked out and it seems to be working well.  If you haven’t already, you can sign up for free in the right column of our website (Join Our Mailing List).
  • MyIT – All of the new Network Ninjas have been deployed and are working extremely well.  We’re continuing to improve the overall operations of the Network Ninjas and the service offerings for our MyIT clients.  If you would like more information on the Network Ninja or the MyIT program, let us know.

Microsoft – Microsoft has released updates for 53 separate CVEs (an important note here, in the past we’ve reported the number of bulletins released, many of which included multiple CVEs) including two for Microsoft Outlook (CVE-2018-0852 and CVE-2018-0825) that should be patched immediately.  Microsoft also released an update to Adobe Flash Player (ADV180004) that is rumored to already be exploited in the wild, so we’re in agreement with SANS that it too should be patched immediately.  A number of vulnerabilities in the Windows Scripting Engine were patched and marked critical but no exploits have been reported in the wild (yet).  There are a number of other vulnerabilities patched in products including Edge, Excel, Office (general), SharePoint and others.

Microsoft releases regular updates the second Tuesday of each month, often referred to as ‘Patch Tuesday’. These updates are categorized as Low, Moderate, Important or Critical. Details on the categories are available here. The updates can include any supported Microsoft product from Windows to Office to Internet Explorer and server products like Exchange and SQL Server. If you have one or more of these products installed, especially if the update is listed as Important or Critical, it’s important that the updates are installed.

Additional details are available Here and Here.


Adobe – Adobe released APSB18-01, APSA18-01, APSB18-02, APSB18-03 and APSB18-04 affecting a number of Adobe products with ratings ranging from important to critical.  Users are encouraged to review the installation of any Adobe products in their organization and update as soon as possible.

Like Microsoft, Adobe now releases updates to their products on the second Tuesday of each month. Adobe will also release ‘out of band’ updates if necessary to address critical vulnerabilities in their products. Adobe products include Adobe Reader (for viewing PDF files), Adobe Flash Player (often used to watch videos, for interactive content like games, etc.), Adobe Shockwave and the Adobe Creative Suite (Photoshop, Illustrator, Acrobat, Lightroom, etc.).

Additional details are available from Adobe Here and Here including links to download the update(s) and instructions for installation.


Java / Oracle – The latest update for Java is Version 8 Update 161, released on 16 January 2017.

Java is a tool that’s widely used by banks, online service providers and even security companies for SSL VPN connections. Java’s ‘official’ release cycle is approximately quarterly but Java updates have been ‘fast and furious’ in recent months. It’s worth noting again that, if you don’t absolutely need Java on your computer, it’s not a bad idea to remove it altogether.

Additional details are available from Oracle here.


Piratica

Security News, Sponsored by Piratica – The response to our free vulnerability scan has been overwhelming.  More overwhelming though has been the organizations that took advantage of the free scan, found vulnerabilities (exposed servers, unpatched firewalls, thought-to-be retired Remote Desktop servers and more) and addressed them.  To that end, we are happy to extend the free vulnerability scan (we haven’t set an end date yet).  If you would like to take advantage of this free scan, complete the request form on our website.

Piratica is a risk management firm. We work with client organizations to help them identify and understand the risks to their organizations so that those metrics can be incorporated into the organization’s overall security strategy. We believe that the first step in any solution is to correctly and completely identify the problem. Additional information is available on our website, Facebook and Twitter or via our free weekly email newsletter (signup available on our website here).

These updates will be automatically reviewed, approved and installed for MyIT Customers. If you would like more information about the Cyber Tech Cafe MyIT services for your business, please let us know. The Cyber Tech Cafe MyIT services are available in three different levels (Bronze, Silver and Gold) and can provide updates only (Bronze), updates and proactive network auditing and monitoring (Silver) or updates, proactive auditing and monitoring and up to 10 hours of priority support at a significantly discounted rate (Gold). Pricing is based on the number of physical locations, servers and workstations that you have.