Microsoft Releases Out-of-Band Security Updates
Patching your software is one of the most important, yet ignored, tasks in computing. If your internal IT team or person handles it, it’s oftentimes on a manual basis. This means a person having to patch each endpoint, one after another. It’s time consuming, and not at the top of many peoples’ lists of things to do. Keeping all of your software up to date with the latest threat definitions can help your business’ network and data stay secure. Recently, in a somewhat atypical move, Microsoft announced that they released emergency, out-of-band security updates to fix two critical security issues.
The two vulnerabilities were patched off of Microsoft’s typical “patch Tuesday” schedule. Generally, the software giant release bug fixes on the second Tuesday of every month. The fact that they broke their patch schedule shows that the two vulnerabilities were critical for their customers. Let’s take a look at the two updates and how they’ll function to secure Microsoft products.
Internet Explorer Zero-Day
The first, and obviously most significant patch, is a zero-day vulnerability found in Internet Explorer. IE is an antiquated (and much maligned) Internet Browser that comes on most Microsoft operating systems. Since this is a zero-day event, the vulnerability had already been exploited in places.
Little is known about the vulnerability, but Microsoft did call it a remote code execution exploit that, if accessed, could give a user control over the user account of another. The attack requires phishing an Internet Explorer user onto a malicious website. Once there, an attacker would be able to gain access over the user account of the visitor. Luckily, IE currently has an active market share of under two percent. Attacks have already happened, so if you’re in the 2%, you should remain vigilant about the use of IE.
Microsoft Defender DOS Bug
The other issue fixed in the out-of-band patch was a denial of service vulnerability in Microsoft Defender. The antivirus program ships with all Windows 10 PCs and is a core component in Windows 10’s sterling security record.
The bug itself isn’t much of an issue. To successfully exploit it, an attacker would need unfettered access to a computer and the ability to execute some code. It disables Windows Defender components and gives people with access (and the ability to code) the chance to completely take over a system with malware or other more sophisticated programs.
Ashton Technology Solutions Patch Process
Ashton patches automatically and remotely for all of its client base. Generally speaking, patches are tested in our own labs, then pushed out to our clients. This allows us to confirm that these new patches won’t ‘break’ anything with which they are interacting. In the case of the two recent off-band patches, we handled them somewhat differently. Since the IE issue was a zero-day, it was pushed out immediately. Since the Defender issue was known, and is viewed as an ‘increased permission exploit’, our engineers took the time to review and test, before including it on our regular patching schedule.
Keeping your software patched and running smoothly is extremely important. Reach out to our expert IT team today to see how Ashton Technology Solutions can help you manage your software and system updates at 216 397-4080.