Skip to main content
Tag

blue screen of death

||

Homeland Security Issues Critical BlueKeep Warning

By NewsNo Comments

Homeland Security Issues Critical BlueKeep Warning

Homeland Security’s cyber agency says it has tested a working exploit for the BlueKeep vulnerability, capable of achieving remote code execution on a vulnerable device.

The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has declared an official warning to patch the wormable BlueKeep flaw. After confirming the exploit can be used to remotely execute code on vulnerable PCs, the agency released an advisory reiterating the dangers of the vulnerability.

CVE-2019-0708, also known as BlueKeep, is a critical-rated bug that affects computers running Windows 7 and earlier. An exploit able to remotely run code or malware on an affected computer could trigger a global incident similar to the WannaCry ransomware attack of 2017.

“CISA encourages users and administrators review the Microsoft Security Advisory and the Microsoft Customer Guidance for CVE-2019-0708 and apply the appropriate mitigation measures as soon as possible,” CISA writes in its alert.

CISA’s alert serves as a warning that malicious attackers could soon achieve the same results as WannaCry. As of last week, close to 1 million internet-exposed machines are still vulnerable to the flaw, according to researchers.

However, this is just the tip of the iceberg. These devices are gateways to potentially millions more machines that sit on the internal networks they lead to. A wormable exploit can move laterally within that network, rapidly spreading to anything and everything it can infect in order to replicate and spread.

Earlier this month, The U.S. National Security Agency (NSA) also issued a rare advisory, warning users to patch “in the face of growing threats” of exploitation.

Syxsense has added a “BlueKeep At Risk Devices” report to every console to help you stay on top of emerging threats. In seconds, view a list of every device that hasn’t been scanned for the vulnerability see where the risk is detected.

With a few more clicks, you can deploy the patch to every device, run the report and prove to management that you are 100% compliant.

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
||

Blue Screen of Death Occurring with Feature Updates

By NewsOne Comment

Blue Screen of Death Occurring with Feature Updates

With the introduction of the newest Windows 10 Feature Version 1903, some security application vendors have published known issues when upgrading.

This isn’t the first we’ve heard of Windows 10 upgrades being affected by antivirus or encryption software. But, in fact, Microsoft has always recommended to disable existing security software before upgrading to ensure that there isn’t any conflict during the process, and sometimes Windows will notify automatically.

“Moving to the newest feature version isn’t just another patch or update, but should be treated as an actual upgrade to the entire operating system,” says Jon Cassell, Senior Solutions Architect at Verismic Software, Inc. “Just disabling the security software won’t be enough, especially if it’s full disk encryption. Many recommend decrypting and/or uninstalling the application entirely before upgrading to the latest feature version.”

Recently, ESET has informed its Endpoint Encryption customers that upgrading to Windows 10, version 1903, causes boot errors. Specifically, post-upgrade presents an immediate blue screen error (BSOD) when booting. The device(s) receive the stop code “INACCESSIBLE BOOT DEVICE” and must fully decrypt the volume before repairing the Windows installation manually. It’s feasible the entire volume may even become corrupt and require an entire reformat.

Rather than upgrade and jump through hoops, crossing your fingers that the volume can be repaired, it’s better to proactively prepare a strategy to uninstall the application, push the upgrade accordingly, then reinstall.

Using Syxsense, the inventory feature can easily show any registered security application, such as ESET, Trend Micro, or McAfee, and allow a silent uninstall to take place with software distribution. Once the application has been removed, simply push the new upgrade using Feature Updates and let the end-user decide when they want to install and when they want to reboot their device. Post-upgrade, re-leverage the software distribution feature again to re-install the security application silently; all without the need to troubleshoot a single device manually.

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo