Skip to main content
Tag

legacy os patch

|||

BlueKeep: There’s a Report For That

By Patch ManagementNo Comments

BlueKeep: There’s a Report For That

BlueKeep exploits are on the rise—Syxsense allows you to see which of your devices are affected by this critical vulnerability.

With BlueKeep exploits looming large, knowing your exposed risk could save your time, money and business.

Syxsense has added the “BlueKeep At Risk Devices” report to every console. Our dynamic architecture helps you stay on top of emerging threats. To run the report, just go to reports, find BlueKeep and press the button.

In seconds, you will see a list of every device that hasn’t been scanned for the vulnerability and every device where the risk is detected. With a few more clicks you can deploy the patch to every device, rerun the report and prove to management that you are 100% compliant.

Click, know the facts, and secure. Experience a complete view of your IT environment with Syxsense.

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
||

NSA Urging Users to Patch BlueKeep Vulnerability

By News, Patch ManagementNo Comments

NSA Urging Users to Patch BlueKeep Vulnerability

The National Security Agency (NSA) is warning users that a new RDP vulnerability affecting Windows 7 and Windows XP systems is potentially “wormable."

The National Security Agency has recently issued an urgent advisory to all Windows-based administrators and users to ensure they are using a fully-patched and updated system.

Last month, Microsoft released additional security updates to protect against Bluekeep, a new security vulnerability considered a potentially ‘wormable’ flaw in the Remote Desktop (RDP) protocol (CVE-2019-0708). The vulnerability is present in the still-supported Windows 7, Vista, Server 2008 and Server 2008 R2, but also in legacy systems Windows XP and Server 2003, which is a rarity for Microsoft since Extended Support ended back in April of 2014.

The vulnerability can be easily exploited and weaponized by leveraging malware or even ransomware. Microsoft has even warned that the vulnerability can surely be as damaging as Wannacry. It only takes a bit of code designed to exploit it and spread pre-authentication without requiring any user interaction in the process. Once the vulnerability has been abused, it’s only a matter of time before it will infect not only the target host, but the rest of the environment, if left unpatched.

The NSA also believes this can easily evolve in time: “This is the type of vulnerability that malicious cyber actors frequently exploit through the use of software code that specifically targets the vulnerability. For example, the vulnerability could be exploited to conduct denial of service attacks. It is likely only a matter of time before remote exploitation code is widely available for this vulnerability. NSA is concerned that malicious cyber actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems.”

The solution is simple: patch all Windows devices not only for the latest vulnerability but always, and if the devices are outside of mainstream or even extended support, like the legacy operating systems, it’s best to migrate to Microsoft’s latest OS, Windows 10.

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
||

How Forgotten Legacy Systems Could Be Your Downfall

By Patch ManagementNo Comments

How Forgotten Legacy Systems Could Be Your Downfall

Legacy systems present a major security risk as attackers continue to target vulnerabilities on these devices.

This article originally appeared in Infosecurity Magazine

Some companies just simply swear by the adage, “If it ain’t broke, don’t fix it” and continue to run workstations and servers on legacy systems.

Take the case of the world’s most popular operating system (OS) – Windows. According to NetMarketShare, Windows 10, Microsoft’s latest iteration of the OS for workstations, has finally surpassed Windows 7 as the leading OS. Globally, Windows 10 now has a market share of 40.30% compared to Windows 7’s 38.41% as of February 2019.

Interestingly, Windows 10 only edged Windows 7 in the tail end of 2018 despite being in the market since 2015. Users typically cite Windows 7’s dependability as a key reason for its longevity. Yet, it’s a bit surprising why users still stick to the aging OS. Windows 10 is just arguably just as, if not more, dependable.

Windows 7 compatibility is now becoming an issue as new software and hardware are now designed to work only with newer operating systems. Computers with newer processors will not be able to use OS versions older than Windows 10.

What’s even more remarkable is that Windows 7’s market share still translates to millions of computers around the world. Users continue to put faith in the OS even if mainstream support ended back in 2015. Microsoft’s extended support for Windows 7 will also only be until January 2020 and when this happens, the OS will stop receiving free security updates or support. Only Professional and Enterprise license holders will have the option to get paid support until 2023.

Why Legacy Creates Risks
Unfortunately, this continued use of legacy systems presents a major security risk as developers tend to focus on actively providing support for their latest versions. So, any discovered or disclosed vulnerability to these older systems may not be fixed or addressed, leaving them vulnerable to attack.

Attackers typically focus on these vulnerabilities to widely-used legacy systems. For example, among the reasons why the Wannacry ransomware outbreak crippled a number of companies is because of the use of legacy systems.

In the case of NHS, the ransomware infected endpoints running on Windows XP which were specifically vulnerable due to unpatched flaws. This ultimately compelled Microsoft to rollout a special patch for the 3.34% of computers that still ran on the “dead” OS. This was quite an odd case since extended support for Windows XP ended way back in 2014.

Companies’ lackadaisical attitude towards upgrading and updating legacy systems is also to blame. An RSA Conference survey revealed that less than half of companies patch vulnerabilities once they are publicized. Some even wait weeks or months before acting on security bulletins.

What to Do
Companies would do well to patch the potential security vulnerabilities, given the dire consequences of falling victim to a cyber-attack. Legacy systems and other system and software vulnerabilities should be carefully analyzed and addressed, and IT teams should commit to the following:

Create a comprehensive inventory – IT teams should perform a complete inventory of all devices including the hardware, OS, and software specifications of each endpoint. Companies must know how many devices actually run on aging systems or load legacy software since they could all become vulnerable once developer support ends.

Invest in upgrades – Many might not see the benefit of upgrading especially if the legacy ones still work for their purposes. However, the reality is that, part of what users pay for in new software versions is the active support that developers provide. If cost is an issue, they could weigh the risks of security risks and the benefit of support. Besides, developers often offer discounts on upgrades to existing customers.

Invest in extended support – As an alternative, companies could also look into acquiring extended support from their vendors. Some developers provide service level agreements (SLAs) to their legacy users. However, this must be carefully weighed against the benefits of having mainstream support.

Timely deploy patches – Companies must stay on top of security bulletins and patch their systems accordingly. IT teams can also use management platforms to automatically deploy patches to affected endpoints as soon as fixes are released.

Why Upgrading is a Precaution
Attackers are not wasting their time in targeting potential victims. Many security threats are now automated where hackers use bots and scripts to scan and attack vulnerable endpoints. As such, users have to keep their infrastructures secure at all times.

Due to the lack of active support, legacy systems are among the most vulnerable to such attacks. Companies should be mindful of these security risks and commit to make the proper investment to upgrade their systems.

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.
Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo