Skip to main content
Monthly Archives

April 2018

|||||

Third-Party Patch Update: April 2018

By NewsNo Comments

Cisco Patches Vulnerability in WebEx

Cisco has just released a CVSS 9 rated update for its WebEx software. In their own words, the unpatched vulnerability “could allow an authenticated, remote attacker to execute arbitrary code on a targeted system.”

The malicious party would share a Flash file via WebEx’s sharing capabilities to gain control of targeted devices.

So what is the best option here? We recommend rolling out the update or removing WebEx. Syxsense can facilitate whichever approach is best for your situation.

Our patch management solution can easily identify which devices are running the WebEx software. From there, setting up a task to deploy the updates is incredibly straight forward.

If you decide to remove WebEx, it’s almost exactly the same process, but at the last step, you select “Uninstall” instead of ‘Install.”

Use an IT management solution that works with you, not against you. Syxsense offers a simple, but powerful approach to patching. Automatically keeps desktops, laptops and remote users up-to-date with patches and software updates.

Start a free trial of Syxsense today.

Third-Party Patch Updates

Below is a table of third-party updates from April 2018:

Vendor Category Patch Version and Release Notes: CVSS SCORE
Adobe Media Software  

ActiveX: v29.0.0.140 – https://helpx.adobe.com/security/products/flash-player/apsb18-08.html

 

Flash Player Plugin NPAPI: v29.0.0.140 – https://helpx.adobe.com/security/products/flash-player/apsb18-08.html

 

Flash Player Plugin PPAPI: v29.0.0.140 – https://helpx.adobe.com/security/products/flash-player/apsb18-08.html

 

N/A
 

 

Evernote Corporation  

Evernote: v6.11.2.7027 – https://evernote.com/download

 

N/A
FileZilla FTP Solution v3.32 – https://filezilla-project.org/versions.php

 

N/A
Google Browser  

Chrome: v66.0.3359.117 – https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html

 

N/A
 

Malwarebytes

 

Antivirus  

Malwarebytes: v3.4.5.2467 – https://www.malwarebytes.com/support/releasehistory/

 

Oracle  

JavaJRE and JDK: v8u172 – http://www.oracle.com/technetwork/java/javase/8u172-relnotes-4308893.html

 

Wireshark Network Protocol Analyzer  

2.4.6 – https://www.wireshark.org/docs/relnotes/wireshark-2.4.6.html

 

N/A
Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
||

Ocean’s IoT: Casino Hacked Through Fish Tank

By News2 Comments

Casino Infiltrated through Internet-Connected Fish Tank Thermometer

Picture this: Jazzy music underscores George Clooney’s Danny Ocean pulling off another daring heist. He’s gathered his crew and it’s go time. Their entry point? A fish tank in the lobby.

Okay, maybe that’s not the best physical access point, but it is how hackers stole data from an unnamed North American casino.

According to Nicole Eagan, CEO of Darktrace, malicious actors manipulated a vulnerability in an internet-connected fish tank thermometer and stole data the casino had collected on their high-roller gamblers.

This is yet another stunning example of how the IoT can create unconventional breaches.

The only way to protect your environment is to identify all connected devices. How can you expect to manage your environment if you don’t even know how many devices there are? Finding all those devices is no simple task; it’s estimated there are already over 8.4 billion connected devices!

Managing IoT Devices

Syxsense is at the forefront of IoT device management. Our discovery solution can detect every device connected to your network; not just desktops, laptops, and servers.

Plug the holes in your environment before they sink your ship.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
|||

Whitepaper: Avoiding Patch Doomsday

By Patch ManagementNo Comments

Creating the Ultimate Patch Strategy

Unpatched applications and systems not only expose security risks, they also open the door to data loss, corruption, and performance issues. Even with an understanding of best practices, it is still difficult to create a trustworthy process.

To avoid Patch Doomsday, it is critical for every organization to implement a strong, efficient patch management strategy.

Patching should be a standard IT process to ensure your organization is always protected. Although many companies rely on auto-updates, our whitepaper explains why this can actually lead to more security holes.

A simple approach is the key to IT success. This doesn’t mean worrying about cyberattacks for a week every time something like WannaCry or NotPetya hits the press.

This whitepaper breaks down the assumptions that many IT professionals have about managing their environment. When a future ransomware attack occurs, these mistakes could significantly contribute to the spread of malware.

When the next doomsday strikes, you should be completely bulletproof. Embrace an intuitive approach to patch management.

Start a Free Patch Management Trial

Syxsense is a predictive solution that automatically keep desktops, laptops and remote users up-to-date with security patches.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
||

Could Your IoT Devices be Hacked with a Google Search?

By NewsNo Comments

Most Companies Are Unprepared for the IoT

Researchers at Ben-Gurion University warn that hackers have an unexpected resource in exploiting your environment: a Google search. IoT device manufactures set a default password for their devices, sometimes even sharing passwords between brands.

“It only took 30 minutes to find passwords for most of the devices [used in the testing] and some of them were found merely through a Google search of the brand,” said Omer Shwartz, a Ph.D. student and researcher at Ben-Gurion.

Thanks to a survey by ForeScout and CensusWide, we also have an eye-opening view into how unprepared companies are for the Internet of Things.

500 CIOs and IT managers provided data and here are the take aways:

  • Approximately 15% do no keep security patches up to date.
  • 47% don’t change the default passwords on devices.
  • Up to 46% said they did not have a full view of the devices connected to their networks.

This is startling. Nearly half of the businesses involved in the survey couldn’t even begin managing their IoT devices. With no way to see which devices are connected to their network, they wouldn’t be able to patch or manage vulnerable devices.

Myles Bray, vice president of EMEA at ForeScout, stated: “IoT has expanded the attack surface considerably for all firms, and without basic security hygiene it is easy for bad actors to gain a foothold and then move laterally on a network to reach high-value assets and cause business disruption.”

When asked about the results of the survey Natan Bandler, CEO and Co-Founder of Cy-OT, added “What is needed is a dedicated cybersecurity solution that is monitoring both the IoT device and its activity…By doing this, an organization will be able to detect when and which devices are at risk.”

IoT Device Management

To detect all of your IoT devices, look to Syxsense. Our product is the first to be able to scan and identify the IoT devices connected to your environments.

Learn more about our IoT capabilities with our video and by starting a trial today!

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
|||

April Patch Tuesday: Don’t Get Burned Twice

By News, Patch TuesdayNo Comments

Manage Your Vulnerabilities

As we explored in our Total Meltdown article, some updates actually made Windows 7 less secure in the last round of Microsoft Patch Tuesday. Even worse, some caused significant performance issues on older hardware models. Many industry experts are recommending you disable Windows updates, or delay any other form of patch management in anticipation of another bad batch of updates.

Robert Brown, Director of Services for Verismic said, “We trust our technology and we trust the experts leading our security teams. Design a patch management release process which includes time for the necessary testing before global deployment. Not doing patch management only helps the hackers who are looking to expose your network.”

Adobe Patches Critical Bugs in Flash

Adobe fixed four critical vulnerabilities in its Flash Player and InDesign products as part of its regularly scheduled release. In all, Adobe released 13 patches for products including Adobe Experience Manager, Adobe InDesign CC, Adobe Digital Editions and the Adobe PhoneGap Push Plugin. According to Adobe, None of these updates have active exploits in the wild for any of the issues addressed in these updates.

Ransomware Attackers are Targeting Servers over Desktops

According to Verizon, ransomware was found in 39% of cases involving malware. Experts believe ransomware has become so prevalent due to easy deployment, even for less skilled cybercriminals. The risks and costs associated with conducting an operation are also relatively small for the attacker.

Cybercriminals have increasingly started using ransomware to target mission-critical systems, such as file servers and databases. This causes more damage to the targeted organization compared to only desktop systems getting compromised. According to the latest DBIR, financially-motivated attacks remain the most common and accounted for 76% of breaches analyzed in 2017. Cyber espionage is the second most common type of attack, accounting for 13% of breaches.

Robert Brown, Director of Services for Verismic said, “When we onboard our clients with Syxsense, we focus not only on protecting the desktops, instead focus on a viable patching strategy which includes all endpoints within the business, including servers. Syxsense has industry experts to help clients protect their environment with a proactive approach to Windows, Linux and Mac OS patch management.”

Patch Tuesday Release

Microsoft addressed 65 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft SharePoint, and Microsoft Office. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service (DoS) condition. We have chosen a few updates to prioritize this month, this recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.

CVE Number Vulnerability Alert CVSS Score Recommended
CVE-2018-1010 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1012 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1013 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1015 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-1016 Microsoft Windows Embedded OpenType Font Engine Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2018-0870 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0956 Microsoft Windows HTTP.sys Denial of Service Vulnerability 7.5 Yes
CVE-2018-0981 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0988 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0996 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-0997 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1000 Microsoft Internet Explorer Scripting Engine Information Disclosure Vulnerability 7.5 Yes
CVE-2018-1001 Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1018 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1020 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2018-1028 Microsoft Office Graphics Arbitrary Code Execution Vulnerability 7.5 Yes
CVE-2018-0957 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2018-0964 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2018-1003 Microsoft Windows JET Database Engine Arbitrary Code Execution Vulnerability 7.1 Yes
CVE-2018-0963 Microsoft Windows Kernel Elevation of Privilege Vulnerability 7 Yes
CVE-2018-1008 Microsoft Adobe Type Font Driver Privilege Escalation Vulnerability 7 Yes
CVE-2018-1009 Microsoft DirectX Graphics Kernel Subsystem Privilege Escalation Vulnerability 7 Yes
Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
WSUS Forces Upgrades|

Strike Three for WSUS

By NewsNo Comments

Microsoft Ignores Deferral Settings, Forces Win10 Updates

For the third time in the last few months, Microsoft pushed updates to Win10 machines that had deferral preferences set. Windows 10 versions 1507, 1511, 1607, and 1703 have been affected and pushed to 1709, whether a user wanted it or not.

Microsoft’s response to this invasive error? Just try rolling the update back – oh, and good luck with that.

It’s time to accept that WSUS can’t be trusted to automate patching. With major downsides like no third-party updates and a complex user interface, WSUS has now struck out with this latest failing. It’s time for a better way to manage updates.

Replacing WSUS

Syxsense’s Patch Manager is the solution. With detailed patch detection, stable deployments, and even easy roll back, CMS Patch Manager is the only choice to replace WSUS.

Find a better way and start your trial with Syxsense.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
|||

Syxsense Achieves High Marks from Users

By NewsNo Comments

Users Love Ease of Use, Powerful Features and Reliable Support

G2 Crowd recently released their Spring 2018 Reports. Syxsense was included in four unique lists, highlighting ease of product use and customer satisfaction: Grid® Report for Enterprise IT Management Suites, Usability Index for Enterprise IT Management Suites, Implementation Index for Enterprise IT Management Suites, and Relationship Index for Enterprise IT Management Suites.

“Rankings on G2 Crowd reports are based on data provided to us by real users,” said Michael Fauscette, chief research officer, G2 Crowd. According to their site, they are the world’s leading business solution review platform and they leverage more than 381,000 user reviews to drive better purchasing decisions.

The award-winning software has received high marks from users around the world on sites like G2 Crowd and Capterra. Here are a few recent reviews:

“The product is exactly what we were looking for from a patch management solution. It is flexible, salable and cost effective as well as easy to manage and maintain. When you do come across an issue or have any questions the support and account management teams can’t be any more helpful – Generally I see replies to my support cases in a matter of minutes and have never had any issues that are left unresolved. I have monthly calls with our account manager who is always well informed of anything you have raised with them. Full training was provided and the team are willing to complete further training for our growing team.” – Christian Davies, Avecto

“Before using Syxsense, it was a struggle to manage over 400 devices with SCCM and WSUS. Patching was inefficient and we had no way to keep clients updated with installation reports. With CMS, we were able to get up and running right away. It’s very easy to use. Reporting was extremely crucial for us. Now we can keep clients informed of updates and patches installed on every device in their environment.” – David Desjardins, Helient Systems

Syxsense is humbled by the positive reviews from our users. We continue to strive to provide the best IT management experience on the market.

Discover a better way to patch everything, anytime. Start a trial with Syxsense.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
||

Meltdown Patch Burns Windows 7 Users

By NewsNo Comments

Total Meltdown

Sometimes software updates cause more issues than they fix. Microsoft have made a major error in protecting Windows from Meltdown. Thanks to researcher Ulf Frisk, we are now aware that the January Patch Tuesday update has created new issues.

The patches that were supposed to protect from Meltdown instead opened up a vulnerability way worse… It allowed any process to read the complete memory contents at gigabytes per second and was possible to write to arbitrary memory as well.

This vulnerability is a concern for any device or organization running Windows 7 or Windows Server 2008 R2. Other Windows OS, such as 10 and 8.1, are secure.

For Windows 7 and 2008 R2 users, Microsoft says their March Patch Tuesday release address this exploit. Robert Brown, Director of Services said, “This is not the first time Microsoft have released a patch to fix a patch, however because of the severity and global exposure we are recommending our clients deploy this update as quickly as possible.”

With Syxsense, it’s simple to detect which devices need an update and deploy to those endpoints. The guided deployment wizard is quick, but with a depth of options. You can set reboot options, end user snooze reboot, and even roll back patches as easily as you deploy them.

Discover a better way to manage anything, anytime. Start a trial with Syxsense.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo