Tag

IT security

Microsoft Warns Windows 10 1803 Users to Upgrade

Microsoft has started to display a warning to users running Windows 10 1803 that states the version is nearing end of support.

Support for Microsoft Windows 10 Version 1803 (April 2018 Update), on consumer-based licenses, will be ending in just a few weeks. Microsoft has already started recommending an update to all end-users before the forced upgrade begins.

“Windows 10, version 1803 will reach the end of servicing on November 12, 2019. This applies to the following editions* of Windows 10 released in April of 2018: Windows 10, version 1803, Home, Pro, Pro for Workstations, and IoT Core,” Microsoft published on their website. “These editions will no longer receive security updates after November 12, 2019. Customers who contact Microsoft Support after this date will be directed to update their device to the latest version of Windows 10 to remain supported.”

Although this applies only to non-enterprise licenses of Windows 10 (Enterprise and Education licenses will expire on November 10, 2020), it’s still imperative for all unsupported versions to be upgraded as soon as possible. Unsupported devices will not receive the latest quality updates from Microsoft and will be left open to vulnerabilities until upgraded.

Earlier this year, Microsoft officials stated that they were putting AI algorithms in place that would automatically update devices on older variants of Windows 10 directly to 1903, the May 2019 Update, via the Windows Update service.

As of July 16, Microsoft started to initiate this upgrade for devices “that are at or nearing end of service and have not yet updated their device,” Microsoft’s documentation states. “Based on a large number of devices running the April 2018 Update, that will reach end of 18 months of service [in November], we are starting the update process now for Home and Pro editions to help ensure adequate time for a smooth update process.”

Although this started back in June and we can only hope many personal devices have been automatically upgraded, end-users always seem to choose their own path and have been known to turn off the Windows Update services. Whether it is a personal device in a non-enterprise setting or a copy of Windows 10 Pro used within an organization, these consumer versions may still exist within the industry and could be left out of date, becoming a major vulnerability within the network.

Leverage a Cloud-Based Solution

Trusting Windows Update alone, or even WSUS with Pro versions, may or may not bring these devices to a supported version.

Using a cloud-based solution to bring older Windows 10 devices up-to-date ensures success and standardization, whether devices are inside or outside the network.


Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.

Homeland Security Issues Critical BlueKeep Warning

Homeland Security’s cyber agency says it has tested a working exploit for the BlueKeep vulnerability, capable of achieving remote code execution on a vulnerable device.

The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an official warning to patch the wormable BlueKeep flaw. After confirming the exploit can be used to remotely execute code on vulnerable PCs, the agency released an advisory reiterating the dangers of the vulnerability.

CVE-2019-0708, also known as BlueKeep, is a critical-rated bug that affects computers running Windows 7 and earlier. An exploit able to remotely run code or malware on an affected computer could trigger a global incident similar to the WannaCry ransomware attack of 2017.

“CISA encourages users and administrators review the Microsoft Security Advisory and the Microsoft Customer Guidance for CVE-2019-0708 and apply the appropriate mitigation measures as soon as possible,” CISA writes in its alert.

CISA’s alert serves as a warning that malicious attackers could soon achieve the same results as WannaCry. As of last week, close to 1 million internet-exposed machines are still vulnerable to the flaw, according to researchers.

However, this is just the tip of the iceberg. These devices are gateways to potentially millions more machines that sit on the internal networks they lead to. A wormable exploit can move laterally within that network, rapidly spreading to anything and everything it can infect in order to replicate and spread.

Earlier this month, the U.S. National Security Agency (NSA) also issued a rare advisory, warning users to patch “in the face of growing threats” of exploitation.

Syxsense has added a “BlueKeep At Risk Devices” report to every console to help you stay on top of emerging threats. In seconds, view a list of every device that hasn’t been scanned for the vulnerability and see where the risk is detected.

With a few more clicks, you can deploy the patch to every device, run the report and prove to management that you are 100% compliant.


Blue Screen of Death Occurring with Feature Updates

With the introduction of the newest Windows 10 Feature Version 1903, some security application vendors have published known issues when upgrading.

This isn’t the first we’ve heard of Windows 10 upgrades being affected by antivirus or encryption software. In fact, Microsoft has always recommended disabling existing security software before upgrading to ensure that there isn’t any conflict during the process, and sometimes Windows will notify you automatically.

“Moving to the newest feature version isn’t just another patch or update, but should be treated as an actual upgrade to the entire operating system,” says Jon Cassell, Senior Solutions Architect at Verismic Software, Inc. “Just disabling the security software won’t be enough, especially if it’s full disk encryption. Many recommend decrypting and/or uninstalling the application entirely before upgrading to the latest feature version.”

Recently, ESET informed its Endpoint Encryption customers that upgrading to Windows 10, version 1903, causes boot errors. Specifically, the device presents an immediate blue screen error (BSOD) when booting after the upgrade. Affected devices receive the stop code “INACCESSIBLE BOOT DEVICE”, and the volume must be fully decrypted before the Windows installation can be repaired manually. It’s possible that the entire volume may even become corrupt and require an entire reformat.

Rather than upgrade and jump through hoops, crossing your fingers that the volume can be repaired, it’s better to proactively prepare a strategy to uninstall the application, push the upgrade accordingly, then reinstall.

Using Syxsense, the inventory feature can easily show any registered security application, such as ESET, Trend Micro, or McAfee, and allow a silent uninstall to take place with software distribution. Once the application has been removed, simply push the new upgrade using Feature Updates and let the end-user decide when they want to install and when they want to reboot their device. Post-upgrade, use the software distribution feature again to reinstall the security application silently, all without the need to troubleshoot a single device manually.


How Executives Can Prevent Data Breaches

When the total average cost of a data breach is $3.86 million, preventable problems are not acceptable. Here's how to mitigate the risk.

This article was originally featured in Hackernoon

Data breaches are so much a part of our way of life that we barely bat an eye any more when another company gets their data stolen. In fact, some publication or another has called every year since 2005 the “year of the data breach”. Every year there are multiple new high-profile thefts of consumer data, and a lot of them are preventable.

Equifax’s 2017 data breach is one of the best-known, and it stemmed from one of the dumbest possible reasons: not keeping up to date with patches. There are multitudes of basic, preventable problems that have caused huge data breaches: sequential user IDs in plaintext, plaintext password storage, transaction logs that don’t check balance on every transaction — the list goes on and on…

When the total average cost of a data breach is $3.86 million, preventable problems are not acceptable.

But data breaches are preventable, and as an executive you have the responsibility to make sure they don’t happen. Here’s how you can mitigate the risk.

1. Get Your Staffing Right

Equifax’s data breach was particularly egregious for a few reasons. One was the scope of the breach, with 143 million people put at risk. Another was their chief security officer being a music major with no known credentials in security.

A company of that size putting their trust in someone who had no credentials in the field is unfathomable. For patching to go undone for that long is also unfathomable, given that the patch that would have fixed the security hole had been available for months.

This could have been fixed with proper staffing. Getting the right people in the right positions is key in any organization, but in an organization that’s responsible for this much user data, it’s absolutely crucial. Make sure those key security positions are locked down.

2. Make Sure There’s Accountability In Place

When two-thirds of CEOs have organizational control over IT and 60 percent have control of the IT budget, the buck stops at the top desk.

Creating a culture of accountability starts at the top. You can’t get into a checklist mentality — once you’ve got your security checklists done, you still can’t rest. A properly-motivated staff looks for other ways to safeguard against things like zero day exploits and other possibilities that won’t show up on a checklist. Even if you’re trying to be GDPR-compliant, it will help — but there are things that won’t show up if that’s all you do.

Accountability starts with the C-suite. Are you empowering the right people to make decisions in the department? Giving them the budget they need? Holding them accountable for breaches and helping them create a better infrastructure?

As Ashley Leonard, CEO of Syxsense, told me in an email, “When it comes to an IT department, it’s important to give them the tools and people they need to do their job. Otherwise, when mistakes happen, the responsibility lies with the C-suite and not the people on the ground. Automatic solutions for patching, innovative employees that come up with possible vectors of invasion, pen testing … all those things go into creating a strategy that keeps your company safe.”

3. Educate Your Employees

This doesn’t just apply to IT. It’s important for every level of a company.

Kaspersky Labs notes that “The vast majority of data breaches are caused by stolen or weak credentials. If malicious actors have your username and password combination, they have an open door into your network. Because most people reuse passwords, cyber criminals can gain entrance to email, websites, bank accounts, and other sources of PII or financial information.”

Make sure you’re keeping your employees up to date with common phishing strategies and testing them periodically to make sure they’re on top of it. Rotate passwords frequently, even if they grumble. It’s important to make sure they don’t unwittingly open your network to attack, and that starts with proper education.

Phishing is one of the most common routes of attack for both personal identity theft and corporate data theft. It’s also getting harder to detect as groups start to use multiple redirects to obfuscate URLs. If you can stop at least the very common methods, you’ll be a lot safer.

4. Stop Data Breaches Before They Happen

Not every breach can be stopped, but it’s absolutely key that you do everything you can to keep them from happening. Data breaches are on the rise across the United States and the world. As more information makes its way onto the Internet, there are more and more ways for us to have our identities compromised and more companies that have our personal information to steal.

[Chart: Annual Number of Data Breaches and Exposed Records in the United States (In Millions), 2005–2019. Series: Data Breaches; Million Records Exposed.]

You can’t prevent every incursion, but what you can do is harden your perimeter. Make sure you’re not leaving holes in your security through negligence or starving your IT department of resources. Establish a culture of accountability, hire the right people, educate your employees, devote the proper resources to staying patched and secure, and you’ll be able to stop most attacks before they happen.


How to Boost Your Team’s Efficiency by Automating IT Processes

Given the demand for timely action in today's business landscape, automation can help organizations and their IT teams operate more efficiently.

Written by Ashley Leonard, CEO and President at Syxsense

IT teams are responsible for making sure that all technologies and devices used in the workplace work. And, thanks to the widespread adoption of technology by businesses, almost all tasks and processes now require their participation and involvement.

Organizations are shifting many of their workloads to the cloud. So, aside from tending to the on-premises infrastructure, IT teams also have to perform other tasks such as supporting and monitoring access and subscriptions to these cloud services. The explosion of affordable hardware, mobile devices, and the Internet-of-Things is also adding more endpoints to their custody. The prevalence of cyberattacks has also placed an added burden on them to secure the network and mitigate threats.

Then there are the seemingly minor daily concerns, such as requests for password resets, printer toner replacement, or complaints about slow internet from their colleagues, that could pile up. Between 20 and 50 percent of help desk tickets are password reset requests.

IT management has become a monumental undertaking. Fortunately, IT teams are able to manage all these tasks through automation. IT automation is about using tools that monitor the network, watch out for certain conditions, and trigger actions that would readily address issues.

Firewalls and safe email policies can prevent many attacks, but hackers can just as easily gain access to your information through un-patched, out-of-date software. Each of your software tools should be updated regularly to mitigate potential risks. Automating patch deployment can ensure that no update slips through the cracks.

Take the case of software updates. Performed manually, IT staff of a medium-sized organization could be looking at working on hundreds or even thousands of devices. But through automation, these updates could now be configured to download and install as scheduled, minimizing the work for teams.

Most IT processes can be automated and companies should consider leveraging this capability to boost their IT team’s efficiency and effectiveness. Here are other areas of IT management where automation can be used.

Asset Discovery and Tracking

IT can be one of the more expensive investments companies can make. As such, it’s important for IT teams to be able to track all their employees’ digital assets including all hardware, software, and appliances. Knowing the specific assets available to them can help organizations better deploy resources.

IT management platforms can help quickly build such lists through capabilities such as automated network discovery and inventory. Devices connected to the network are automatically profiled including all hardware specifications and the list of installed software in each device.

Knowing what assets are assigned to staff could also encourage accountability from end users. Hardware loss and theft is quite common. One study revealed that 84 percent of businesses surveyed reported losing laptops. Having a historical record of inventories can also help companies track if certain devices become missing.

Software and Patch Deployment

Keeping software and hardware up-to-date is considered good practice. Application developers and hardware manufacturers periodically release updates and patches to their products which may contain new features and functionalities or address vulnerabilities.

Deploying software and patches typically requires identifying affected endpoints and installing the updates. Doing this manually can take quite a lot of time considering patch deployment is a time-critical task.

Fortunately, the process can likewise be automated: management platforms can be used to automatically check for updates from developers, identify target endpoints within the network, and deploy the patches.

Backups and Recovery

Data is the lifeblood of most organizations these days so working without data backups can be a disaster waiting to happen. Work can be set back months, even years, should company data become lost or corrupted.

Conventionally, backups are done through scheduled remote uploads and redundant storage. However, workplaces are changing. Businesses can generate and process large volumes of data within a day so even scheduled backups may not be enough to ensure data protection. Teams may also involve workers located offsite making on-premises storage inadequate to store data coming from external sources.

New solutions such as continuous data protection (CDP) can be used to automatically detect any changes to work files and folders and back these changes up to a secure location in real time. CDP solutions even keep revision histories of these files so users can revert back to a previous version in case there are issues with their current version. This way, all company data are safely stored. In addition, these solutions can be used with mechanisms that initiate failover and recovery in case of outage or downtime.

Security Monitoring and Response

Cybersecurity has become a top priority for IT teams given how rampant attacks have become. Attacks can happen at any time, especially now that attackers are also using automation to launch breach attempts.

IT teams now need to actively monitor and respond to threats. Unfortunately, capable security talent is rare and expensive. More than half of organizations claim that there’s a worrying shortage of cybersecurity skills. To bridge this gap, organizations can rely on automation to help them deal with threats.

Automation has found its way to various security tasks. Anti-malware tools not only perform real-time scanning of devices but can also automatically quarantine files or even send samples for analysis. Security platforms like Syxsense can also detect and block malicious traffic from accessing networks. Automation can also be used to take machines offline in case they are affected by recently discovered vulnerabilities. This way, any potential damage can be avoided.

Conclusion

Given the demand for swift and timely action in today’s business landscape, automation can truly help organizations and their IT teams operate more efficiently. Automation doesn’t only help accomplish tasks faster but it can also minimize human error where lapses, incompetence, or fatigue, could lead to significant issues. Automation of a wide variety of IT tasks also frees up the team to refocus their efforts on more strategic and creative initiatives.

How Endpoint Management Can Keep Your Workplace Secure

Your workplace can be more secure with a solid IT security strategy.

This article originally appeared on The Hacker News

Workplaces have become highly connected. Even a small business could have dozens of devices in the form of desktops, mobile devices, routers, and even smart appliances as part of its IT infrastructure.

Unfortunately, each of these endpoints can now be a weak link that hackers could exploit. Hackers constantly probe networks for vulnerable endpoints to breach.

For example, systems and applications that are configured using recycled user names and passwords can easily be hacked given the availability of leaked credentials online.

Password management service LastPass noted that 59% of users use the same password for multiple accounts.

Malware and malicious processes may also target workstations. Cybersecurity firm Symantec found a 1,000 percent increase in PowerShell script attacks in 2018. These attacks use cleverly disguised malicious processes that appear legitimate at a cursory glance. This is why the IT security career is quickly evolving into a huge market.

However, because of the number of devices in workplaces, keeping networks safe from hackers has become quite a massive undertaking. Fortunately, organizations now have access to a variety of tools that help mitigate these threats such as endpoint management solutions.

Diane Rogers, Product Manager for Realtime Security of Syxsense, shares:

“It only takes one compromised endpoint to bring a whole network down. Even for smaller businesses, the loss of data, theft of intellectual property, and downtime could cost tens of thousands of dollars to deal with.”

“This doesn’t even include potential losses from government fines and negative publicity. Therefore, it’s critical for administrators to have control over the devices connected to their networks. One way they could do this is through effective endpoint management.”

Here are four ways endpoint management can help secure the workplace’s IT.

1 – Device audits

IT teams should know exactly what hardware and software comprise their infrastructure. But thanks to the surge in the cloud and mobile computing adoption, there’s now what’s called a “shadow IT” in workplaces comprised of unsanctioned applications and devices that workers use.

Using endpoint management solutions, IT teams can automatically discover all devices connected to the network, their specifications, and the systems and software that run on them.

Having this list allows administrators to review and vet these applications and devices to see if they are free from risks. This way, administrators can then restrict and regulate the use of these technologies.

Audit results can also be collected over time. Audit histories can be used to check and verify the changes that happen to the network including the potential loss and theft of devices.

2 – Process tracking and termination

Hackers continue to use social engineering attacks such as phishing to trick users into downloading and installing malicious scripts to their devices that are designed to steal information, cause disruption to operations, or destroy data across the network.

Users may not be aware that their devices are already compromised, as much of this malware is designed to run silently in the background.

By enabling remote access to endpoints, system administrators can review active processes and readily terminate dubious ones.

3 – Automated patch deployment

Fortunately, developers continuously release updates to fix bugs and flaws in their products and services. Previously, administrators had to judiciously keep track of security and update bulletins to know if there were new patches that needed to be downloaded and deployed.

Today, endpoint management solutions can automatically detect available firmware and software updates for each device connected to the network.

These patches can also be automatically deployed across devices, including to Internet-of-Things devices. Updates can be performed as soon as fixes become available even during off-hours, minimizing the IT team’s workload and the downtime caused by patching.

4 – Accurate information and real-time action

System administrators must also be able to decide immediately on what actions to take should threats manifest themselves. Endpoint management solutions can reference audit results to identify which endpoints are affected.

By having the most up-to-date information about the system, administrators would also be able to recommend the right actions to decision makers.

For instance, critical vulnerabilities without available fixes may require affected endpoints to be taken offline.

Through audits, administrators and decision-makers would have the information they need to assess the impact on the business end such as the number of potential workstations affected and expected downtime. Knowing these, they could work on contingencies.

Syxsense, for instance, enhances administrators’ capabilities to monitor and respond to threats.

The platform provides absolute real-time visibility of devices, allowing IT teams to instantly check affected endpoints based on audit histories and timely patch reports.

This way, administrators can perform immediate actions to remedy vulnerabilities.

The platform even features voice and artificial intelligence-powered controls that allow administrators to issue human language instructions, which further simplifies threat response.

Covering all bases

That said, securing workplace IT requires more than just endpoint management. This should be combined with other measures such as using firewalls, identity management, and data protection.

Workplaces should also educate end users regarding the proper use of IT resources and how to avoid social engineering attacks.

But by using comprehensive management solutions, administrators would be able to cover the many bases required to keep their workplaces’ endpoints secure.


Network Map: Visualize Your IT Security


View Any IT Issue at a Glance

Syxsense’s Network Map puts the answers to IT’s burning questions on a single screen: Can I see every device connected to my network, and how vulnerable to attack are these devices?
Through color coding, critically vulnerable devices alert you to weak links in your security infrastructure.

With a click of a mouse, start a task to immediately patch “Red” devices. Mouse over any device to see exact numbers of how many critical, high, medium or low vulnerabilities you have. Double click to view inventory, a timeline of any changes on the device, and patching history.

By setting up a regular maintenance window, your devices will be fully patched, and a glance at this global network map confirms your compliance. It gives auditors, executives, IT directors and most importantly, you, peace of mind that hackers, phishing, or ransomware cannot exploit your business.

Why choose Syxsense?
1. Detection: With Realtime security information, Syxsense displays the current state of your devices and software. This is a reflection of right now; not minutes or hours ago.
2. Roll Back Patches: Not only can you deploy updates with a strategic method, but the Patch Manager can also uninstall updates. The task can be configured to remove a specific update, or group of updates, from all devices or just a selection of them.

3. Task Status and Reporting: Along with that Realtime data display comes accurate task status information. You can follow along as the task runs and analyze which devices succeeded or failed to implement the update. From there, our reporting section organizes vital information into easy to understand reports. These are perfect for emailing out to prove needed work has been completed effectively.

The Power of Realtime Security

Syxsense Realtime Security manages devices inside and outside your network, roaming laptops, Servers, Desktops, and IoT devices. With Realtime Security we’ve added both this network map and the ability to see and kill virulent malignant processes acting on your network.

Prepare for Patch Tuesday!


Do you have a patching strategy? It should include turning off Automatic Windows update.

Patch Tuesday is here. To avoid the usual splitting headache, we recommend disabling automatic updates for Windows and implementing a reliable patch strategy.

Windows 10 updates whether you want it to or not…unless you know the trick. While we recommend that you always keep your systems patched, sometimes the updates are worse than the vulnerability, like the July Patch Tuesday this year.

Win10

If you have a Professional, Enterprise, or Education edition of Windows 10, you can turn off automatic updates, but the option is hidden. You need to pull yourself out of beta testing and then delay new versions by setting the “feature update” deferral to 120 days or more. Here’s what to do in version 1703. If you have a later version of Windows 10, these settings still apply, but the wording is slightly different.

  • Press Win-R, type gpedit.msc, press Enter. This brings up the Local Group Policy Editor.
  • Navigate the left pane as if it were File Explorer to Computer Configuration > Administrative Templates > Windows Components > Windows Update > Defer Updates.
  • Choose Select when Feature Updates are received.
  • In the resulting dialog box, select Enabled.
  • In the Options box, type in how many days you’d like to pause updates and then in the next field type in today’s date.
  • Click Apply and then OK.

If you want to, you can repeat this process for the second setting in Group Policy, named Select when Quality Updates are received. Keep in mind, however, that quality updates include security updates, and skipping them is not the best idea. On the upside, security updates are cumulative, meaning that if you do skip these updates, you can download the next one and be up to date.
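The two Group Policy settings above are stored as registry values, so the result can be read back and checked on any machine. The following PowerShell is an added example, not part of the original article: the value names are the ones behind the two "Select when ... Updates are received" policies, and the wording of each finding is this example's own.

```powershell
# Added example: read back the Windows Update deferral policy set in gpedit.msc.
# Value names are those behind "Select when Feature/Quality Updates are received";
# the wording of each finding is this example's own, not Microsoft's.
$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'

function Get-DeferralSetting {
    param(
        [ValidateSet('Feature', 'Quality')]
        [string]$Kind
    )
    # A missing key means the policy was never configured; every value reads as $null.
    $props   = Get-ItemProperty -Path $PolicyKey -ErrorAction SilentlyContinue
    $enabled = ($props."Defer${Kind}Updates") -eq 1
    $days    = [int]($props."Defer${Kind}UpdatesPeriodInDays")
    $paused  = $props."Pause${Kind}UpdatesStartTime"   # non-empty while updates are paused

    $finding = if (-not $enabled) {
        'Not deferred: updates install on the default schedule'
    } elseif ($paused) {
        "Paused since ${paused}, on top of a ${days}-day deferral"
    } elseif ($Kind -eq 'Quality' -and $days -gt 0) {
        # Quality updates carry the security fixes, so any delay here is exposure time.
        "Security fixes arrive ${days} days late; confirm this is intended"
    } else {
        "Deferred ${days} days"
    }

    [pscustomobject]@{
        UpdateType = $Kind
        Deferred   = $enabled
        DeferDays  = $days
        Finding    = $finding
    }
}

# Report both policies side by side.
'Feature', 'Quality' |
    ForEach-Object { Get-DeferralSetting -Kind $_ } |
    Format-Table -AutoSize -Wrap
```

Run it in a normal PowerShell session after applying the policy; a Quality row showing any deferral is the one to review first.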

Win7 and 8

  • Log in to the Windows 7 or Windows 8 guest operating system as an administrator.
  • Click Start > Control Panel > System and Security > Turn automatic updating on or off.
  • In the Important updates menu, select Never check for updates.
  • Deselect Give me recommended updates the same way I receive important updates.
  • Deselect Allow all users to install updates on this computer and click OK.

Patch Strategy

Your IT update solution should facilitate phased rollouts and have full rollback options. These are the necessary keys to avoiding data loss or device outages.

Step 1. Identify

You can’t manage your environment if you don’t know what devices are there and which need updates. An IT solution should also be able to manage roaming devices.

Plus, if data is stale, it could mean missing a device or update that was critical to secure. Detect the state of your environment with live, accurate, and actionable data.

Step 2. Test Group Deployment

Deploy the updates to a small group of devices. These devices should be of low impact to the overall productivity of your company. Once these devices have been successfully and safely updated, you can deploy needed updates without worrying about a massive disaster.

Step 3. Phased Rollout

Now updates should be distributed to any device that needs them. However, you want this task to be performed around business hours. Updates are important, but so is avoiding interruptions of productivity. A maintenance window should be set up so that any update tasks happen before and after business hours.

And to facilitate a proper patching strategy, look to a comprehensive IT solution.

Syxsense

This is the solution for all of your patching needs. Syxsense can deploy updates to Windows, Mac, and Linux devices. It is a complete patching solution that can manage devices both in your network and roaming out of the office.


Software Update Service

We understand that while updating software is the #1 way to protect your environment, it’s low on your priority list. As an IT department, you have other pressing tasks that need your attention.

With our Software Update Service, you can move forward while we keep your devices up to date.

Our expert patch management team provides reliable support with detection and remediation for Windows and third-party software updates. We work closely with you to provide safe and efficient endpoint security with your own systems management tool or ours, Syxsense.

Our team will keep your IT systems reliable with endpoints updated and secure.


The ‘Foreshadow’ of More Intel Issues

By News

Foreshadow Flaw Found in Intel CPUs

For the more than a billion computers that depend on Intel CPUs, the flaws just keep coming. Thanks to work by researchers from KU Leuven University in Belgium, along with the universities of Adelaide and Michigan, Intel has been made aware of yet another major weakness in their processor chip sets.

Since the first flaws announced earlier this year led to the Spectre and Meltdown attacks, this new exploit has been named ‘Foreshadow’. Intel has published a list of the affected products, which you can find below this article.

According to the cyber security arm of the US government, “an attacker could exploit this vulnerability to obtain sensitive information”. However, Intel has stated that “We are not aware of reports that any of these methods have been used in real-world exploits.” They have also pledged to ensure future processors would be built in ways to prevent vulnerability to Foreshadow.

Intel has published three CVE identifiers for this new issue: CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646.

Patching and Mitigation

Systems that have applied updates made available by Intel earlier this year should already be protected against Foreshadow, Intel said.

Using an IT solution like Syxsense can simplify this complex task. Maintenance windows can be set so updates are deployed around business hours.

Updates can also be deployed on demand, so that emergency fixes can be applied immediately. Syxsense provides flexibility and adaptability to accommodate the remediation strategy that best fits your business.

Learn more about the better way to manage your environment. Start a trial with Syxsense.


Impacted products:

The following Intel-based platforms are potentially impacted by these issues. Intel may modify this list at a later time.

Intel® Core™ i3 processor (45nm and 32nm)
Intel® Core™ i5 processor (45nm and 32nm)
Intel® Core™ i7 processor (45nm and 32nm)
Intel® Core™ M processor family (45nm and 32nm)
2nd generation Intel® Core™ processors
3rd generation Intel® Core™ processors
4th generation Intel® Core™ processors
5th generation Intel® Core™ processors
6th generation Intel® Core™ processors
7th generation Intel® Core™ processors
8th generation Intel® Core™ processors
Intel® Core™ X-series Processor Family for Intel® X99 platforms
Intel® Core™ X-series Processor Family for Intel® X299 platforms
Intel® Xeon® processor 3400 series
Intel® Xeon® processor 3600 series
Intel® Xeon® processor 5500 series
Intel® Xeon® processor 5600 series
Intel® Xeon® processor 6500 series
Intel® Xeon® processor 7500 series
Intel® Xeon® Processor E3 Family
Intel® Xeon® Processor E3 v2 Family
Intel® Xeon® Processor E3 v3 Family
Intel® Xeon® Processor E3 v4 Family
Intel® Xeon® Processor E3 v5 Family
Intel® Xeon® Processor E3 v6 Family
Intel® Xeon® Processor E5 Family
Intel® Xeon® Processor E5 v2 Family
Intel® Xeon® Processor E5 v3 Family
Intel® Xeon® Processor E5 v4 Family
Intel® Xeon® Processor E7 Family
Intel® Xeon® Processor E7 v2 Family
Intel® Xeon® Processor E7 v3 Family
Intel® Xeon® Processor E7 v4 Family
Intel® Xeon® Processor Scalable Family
Intel® Xeon® Processor D (1500, 2100)


Ransomware Disrupts Massive Shipping Company

By News

Cyberattack Causes Shipping Industry Disaster

COSCO, one of the world’s largest shipping companies, has experienced a ransomware attack on their US network. Their Long Beach terminal reported that their website and telephone network went down on July 25.

The company initially downplayed the event; however, it quickly became apparent this was much more than a technical difficulty.

There is a legitimate fear this current attack is “a proxy for the entire industry.” Hackers might be testing the waters for lessons learned after the NotPetya attacks in June 2017. The losses and response times will be studied closely by many companies, and future malicious actors.

With the increasing rate of cybercrime, many are starting to accept these attacks as an unavoidable hazard of running a business. But there is a way to combat such threats and mitigate risk. Keeping up to date on patching is the #1 strategy for protecting your company from ransomware.

Syxsense has a comprehensive patch manager. With a quick scan, you can see what devices need updates and the severity of those patches. The deployment task is easily configured and can be set to happen on demand or scheduled around business hours.

There’s a better way to manage your environment. See how with a trial of Syxsense.
