Tag

software distribution


Bluetooth Exploit Enables Tracking on Windows PCs


Researchers have discovered a major Bluetooth bug that exposes users to third-party tracking and data access.

Researchers at Boston University have discovered a vulnerability in the Bluetooth Low Energy (BLE) implementations of Microsoft and Apple devices. The vulnerability allows third parties to determine the location and other sensitive information.

“We identified that devices running Windows 10, iOS or macOS regularly transmit advertising events containing custom data structures which are used to enable certain platform-specific interaction with other devices within BLE range,” the paper reads. “The address-carryover algorithm exploits the asynchronous nature of address and payload change, and uses unchanged identifying tokens in the payload to trace a new incoming random address back to a known device. In doing so, the address-carryover algorithm neutralizes the goal of anonymity in broadcasting channels intended by frequent address randomization.”

Most concerning is the fact that the communication is based completely on public, unencrypted advertising traffic, using the specification of BLE in the latest standard of Bluetooth 5. The scale of the privacy issues may even get worse, the report concluded.

Both manufacturers have yet to release a patch for any of the operating systems to alleviate the vulnerability.

How to Fix the Bluetooth Bug

The current workarounds are disabling the Bluetooth service and/or routinely disabling the Bluetooth device’s connection, which will reset the advertising address and the token.

Syxsense can easily inventory Windows and Mac devices, show active Bluetooth controllers to easily provide insight on which devices may be affected, and even allow an action item such as pushing routine scripts via software distribution to automatically disable Bluetooth services.
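One way to script the two workarounds on Windows 10, as an added example (not code from the original post or from Syxsense). The function names and the `-Mode` parameter are hypothetical, `bthserv` is the Windows Bluetooth Support Service, and the filter that separates radios from paired devices is an assumption noted in the code.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original post. Function names are hypothetical.
param([ValidateSet('Reset', 'Disable')][string]$Mode = 'Reset')

function Get-BluetoothRadio {
    # Assumption: paired devices and enumerators show up under BTH*, so anything
    # else in the Bluetooth class is treated as a physical radio (USB, PCI, ACPI).
    Get-PnpDevice -Class Bluetooth -PresentOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.InstanceId -notlike 'BTH*' }
}

function Reset-BluetoothRadio {
    # Cycle the radio off and on, which per the article resets the
    # advertising address and the token.
    param([int]$OffSeconds = 5)
    $radios = @(Get-BluetoothRadio)
    if ($radios.Count -eq 0) { Write-Output 'No Bluetooth radio present.'; return }
    foreach ($radio in $radios) {
        Disable-PnpDevice -InstanceId $radio.InstanceId -Confirm:$false
        Start-Sleep -Seconds $OffSeconds
        Enable-PnpDevice -InstanceId $radio.InstanceId -Confirm:$false
        Write-Output "Cycled $($radio.FriendlyName)"
    }
}

function Disable-BluetoothService {
    # Stop the Bluetooth Support Service and keep it from starting again.
    $svc = Get-Service -Name bthserv -ErrorAction SilentlyContinue
    if (-not $svc) { Write-Output 'bthserv is not installed.'; return }
    if ($svc.Status -ne 'Stopped') { Stop-Service -Name bthserv -Force }
    Set-Service -Name bthserv -StartupType Disabled
    Write-Output 'bthserv stopped and disabled.'
}

# A scheduled reset keeps Bluetooth usable; disabling the service is for
# machines that do not need Bluetooth at all.
if ($Mode -eq 'Disable') { Disable-BluetoothService } else { Reset-BluetoothRadio }
```

Run with `-Mode Reset` as a recurring task where Bluetooth peripherals are in use; the cycle briefly disconnects them.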


Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.

Prepare for Patch Tuesday!


Do you have a patching strategy? It should include turning off Automatic Windows update.

Patch Tuesday is here. To avoid the usual splitting headache, we recommend disabling automatic updates for Windows and implementing a reliable patch strategy.

Windows 10 updates whether you want it to or not…unless you know the trick. While we recommend that you always keep your systems patched, sometimes the updates are worse than the vulnerability, like the July Patch Tuesday this year.

Win10

If you have a Professional, Enterprise, or Education edition of Windows 10, you can turn off automatic updates, but the option is hidden. You need to pull yourself out of beta testing and then delay new versions by setting the “feature update” deferral to 120 days or more. Here’s what to do in version 1703. If you have a later version of Windows 10, these settings still apply, but the wording is slightly different.

  • Press Win-R, type gpedit.msc, press Enter. This brings up the Local Group Policy Editor.
  • Navigate the left pane as if it were File Explorer to Computer Configuration > Administrative Templates > Windows Components > Windows Update > Defer Updates.
  • Choose Select when Feature Updates are received.
  • In the resulting dialog box, select Enabled.
  • In the Options box, type in how many days you’d like to pause updates and then in the next field type in today’s date.
  • Click Apply and then OK.

If you want to, you can repeat this process for the second setting in Group Policy named Select when Quality Updates are received. Keep in mind, however, that quality updates include security updates and skipping them is not the best idea. On the upside, security updates are cumulative, meaning if you do skip these updates, you can download the next one and be up to date.
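A read-only check of what these two Group Policy settings left on a machine, as an added example (not code from the original post). It reads the values the Defer Updates policies write under `HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate` and flags any quality-update deferral, since that delays security updates as well; the function name is hypothetical and the 120-day threshold is the recommendation above.

```powershell
# Added example, not from the original post. Get-UpdateDeferral is a
# hypothetical name; it only reads policy values and changes nothing.
function Get-UpdateDeferral {
    param(
        [string]$Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate',
        [int]$MinFeatureDays = 120   # recommendation from the article
    )
    $p = Get-ItemProperty -Path $Key -ErrorAction SilentlyContinue

    # An unconfigured policy leaves the value absent; treat that as 0 days.
    $featureDays = 0
    $qualityDays = 0
    if ($p -and $p.DeferFeatureUpdates -eq 1) {
        $featureDays = [int]$p.DeferFeatureUpdatesPeriodInDays
    }
    if ($p -and $p.DeferQualityUpdates -eq 1) {
        $qualityDays = [int]$p.DeferQualityUpdatesPeriodInDays
    }

    $findings = @()
    if ($featureDays -lt $MinFeatureDays) {
        $findings += "Feature updates deferred $featureDays days, below $MinFeatureDays."
    }
    if ($qualityDays -gt 0) {
        $findings += "Quality updates deferred $qualityDays days, security fixes are delayed too."
    }

    [pscustomobject]@{
        Computer            = $env:COMPUTERNAME
        FeatureDeferralDays = $featureDays
        QualityDeferralDays = $qualityDays
        # The date typed into the second field of the dialog, if any.
        FeaturePauseStart   = if ($p) { $p.PauseFeatureUpdatesStartTime } else { $null }
        QualityPauseStart   = if ($p) { $p.PauseQualityUpdatesStartTime } else { $null }
        Findings            = $findings
    }
}

Get-UpdateDeferral | Format-List
```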

Win7 and 8

  • Log in to the Windows 7 or Windows 8 guest operating system as an administrator.
  • Click Start > Control Panel > System and Security > Turn automatic updating on or off.
  • In the Important updates menu, select Never check for updates.
  • Deselect Give me recommended updates the same way I receive important updates.
  • Deselect Allow all users to install updates on this computer and click OK.

Patch Strategy

Your IT update solution should facilitate phased rollouts and have full rollback options. These are the necessary keys to avoiding data loss or device outages.

Step 1. Identify

You can’t manage your environment if you don’t know what devices are there and which need updates. An IT solution should also be able to manage roaming devices.

Plus, if data is stale, it could mean missing a device or update that was critical to secure. Detect the state of your environment with live, accurate, and actionable data.

Step 2. Test Group Deployment

Deploy the updates to a small group of devices. These devices should be of low impact to the overall productivity of your company. Once these devices have been successfully and safely updated, you can deploy needed updates without worrying about a massive disaster.

Step 3. Phased Rollout

Now updates should be distributed to any device that needs them. However, you want this task to run around business hours. Updates are important, but so is avoiding interruptions of productivity. A maintenance window should be set up so that any update tasks happen before and after business hours.

And to facilitate a proper patching strategy, look to a comprehensive IT solution.

Syxsense

This is the solution for all of your patching needs. Syxsense can deploy updates to Windows, Mac, and Linux devices. It is a complete patching solution that can manage devices both in your network and roaming or out of the office.


Software Update Service

We understand that while updating software is the #1 way to protect your environment, it’s low on your priority list. As an IT department, you have other pressing tasks that need your attention.

With our Software Update Service, you can move forward while we keep your devices up to date.

Our expert patch management team provides reliable support with detection and remediation for Windows and third-party software updates. We work closely with you to provide safe and efficient endpoint security with your own systems management tool or ours, Syxsense.

Our team will keep your IT systems reliable with endpoints updated and secure.


IoT OS Breached, Crashed and Hacked


FreeRTOS Has 13 Major Security Flaws

Research performed by Zimperium’s zLabs team uncovered 13 vulnerabilities that could be manipulated to leak information, crash devices, and even take control with remote code execution.

“During our research, we discovered multiple vulnerabilities within FreeRTOS’s TCP/IP stack and in the AWS secure connectivity modules. The same vulnerabilities are present in WHIS Connect TCP/IP component for OpenRTOS\SafeRTOS,” shared zLabs in their report.

FreeRTOS and SafeRTOS “have been used in a wide variety of industries: IoT, Aerospace, Medical, Automotive, and more,” according to the company’s post.

“Due to the high risk nature of devices in some of these industries, zLabs decided to take a look at the connectivity components that are paired with these OS’s. Clearly, devices that have connectivity to the outside world are at a higher degree of risk of being attacked.”

These OS, being under the Amazon Web Services umbrella, are some of the most widely used IoT OS.

Organizations should check their environments immediately for any vulnerable devices. It’s no longer enough to detect Windows, Mac, and Linux devices. The IoT presents a whole arena of risks. Vulnerabilities can lurk unnoticed until it’s too late.


Syxsense is the solution that gives you a complete view of your environment.

The inventory scan feature will detect any device with an IP address, including IoT devices. To effectively secure your environment, you must know what’s actually in it.


Office 2019 Rollout with ‘Sneakernet’


How will you deploy Office 2019?

Office 2019 is now available. As of today, commercial volume license customers, Windows or Mac, can begin their deployment process. According to Microsoft’s statement, Office 2019 should be available to all customers within a few weeks.

A new edition of Office means a massive rollout to the devices in your environment. To dramatically reduce the time and resources this could waste, IT departments should utilize a software deployment solution.

With something like Syxsense, you can upload a software package just once, but deploy it to every device you wish. Silent installs are also possible by including switch statements. Once uploaded to the packages section, it’s easy to target the software for a customized deployment.

The software distribution task has options like snooze reboot and maintenance windows to ensure that during this massive deployment, no work is interrupted.

And taking advantage of an interconnected solution like Syxsense means having access to functions like our reports. Now, as you complete your work, reports can summarize task status for anyone that might need it.

Don’t get overwhelmed with trying to deploy Office device by device. Start your trial of Syxsense.


Instagram Takes a Peek: October Third-Party Patch Update


Even celebrity status can’t protect your data

At the beginning of September, a news story broke that Selena Gomez had her Instagram hacked. Why does the Instagram of a celebrity matter this time? Because this hack goes much further.

Instagram won’t confirm just how many accounts were affected, but the hackers claim they have information on 6 million users. They used this information to set up a site called Doxagram, where you could pay to search for the private contact information of these users. These accounts included almost all of the 50 most followed Instagram accounts: people like Rihanna, Emma Watson, Floyd Mayweather, and even the official account of the White House.

Kaspersky Labs reported to Facebook that there was a flaw within the Instagram mobile app password reset option. However, it was in a 2016 version of the app, so if you have kept Instagram up to date, you should be protected.

This is just another lesson in why it’s so critical to keep up to date on software patches. Any vulnerability, even in unsuspecting, non-business software like Instagram, could lead to a major breach.

CCleaner adds malware to your devices

Avast, the parent company to Piriform, discovered that two of their products had been compromised. Hackers breached these two products and added malware into the new version. Then anyone who installed CCleaner also got this malware that allowed hackers to control the infected computer.

Affected Piriform products:

  • CCleaner v5.33.6162
  • CCleaner Cloud v1.07.3191

The software has since been updated to remove the malware, but the damage has been done. Piriform says that they fixed things “before any known harm was done” and that no sensitive data was collected. While that might be true, it doesn’t mean the hackers didn’t accomplish their goals. They got access to massively used software and that, in turn, gave them a back door into businesses that use it.


Third-Party Updates

Every month we see a bevy of new third party updates, and are always enhancing our library of supported vendors. Special requests and additions are welcomed. This month’s releases include:

Below is a list of third-party software updates for the month:

| Vendor | Category | Patch Version and Release Notes Link |
|---|---|---|
| Adobe | Media Software | Flash Player 27 and AIR 27: https://helpx.adobe.com/flash-player/release-note/fp_27_air_27_release_notes.html |
| Google | Web Browser | Chrome 61.0.3163.100: https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html |
| Ivo Soft | Misc. | ClassicShell_v4.3.1: http://www.classicshell.net/history/ |
| Peter Pawlowski | Audio Player | Foobar2000_v1.3.16: http://www.foobar2000.org/changelog |

Start Patching

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.


Chrome Compromised: September Third-Party Patch Update


1 Million Targeted by Chrome Extension Hack

Even experts aren’t exempt from deceptive phishing attacks. It’s being reported that the developers of several extensions had their login credentials stolen.

It’s the second time in a week that Chrome users have been targeted by extension hijacks. The first involved an extension called CopyFish with around 30,000 installs. That attack may have been a test intended to see how many fraudulent ad views could be pumped through before Google intervened and returned control of the extension to its rightful owners.

Extensions reported so far:

  • Web Developer version 0.4.9
  • Chrometana version 1.1.3
  • Infinity New Tab version 3.12.3
  • CopyFish version 2.8.5
  • Web Paint version 1.2.1
  • Social Fixer 20.1.1
  • TouchVPN
  • Betternet VPN

Once the attackers had access to the developers’ accounts for these extensions, they began modifying the code. It seems their goal was to gain control over victims’ browsers and then, if the victim had a Cloudflare account, steal that information.

It’s important to keep your browsers up to date and review extensions before you install them.

The Source of NotPetya

Just after the outbreak of NotPetya, several entities seemed to point at software distribution provider MeDoc as one of the main sources of the outbreak. They claim that their software was a victim of a hack that then led to it being the vessel for initial distribution of NotPetya. From there, it spread through updates of MeDoc and began infecting more and more victims. This sort of event is known as a ‘supply chain attack’.


The compromise of a software distribution method is extremely dangerous for businesses. Before you know it, a vulnerability can be spread to every device accessible via the hacked distribution software. How do you prevent such a disaster? One way could be the activation of two-factor authentication for login to your IT management software. This can help prevent the software from being compromised in the first place.

Don’t leave something that could infect your entire environment unsecured.


Third-Party Updates

Every month we see a bevy of new third party updates, and are always enhancing our library of supported vendors. Special requests and additions are welcomed. This month’s releases include:

Below is a list of third-party software updates for the month:

| Vendor | Category | Patch Version and Release Notes Link |
|---|---|---|
| Adobe | Media Software | Flash and AIR: 26.0.0.151 and 26.0.0.127 – https://helpx.adobe.com/flash-player/release-note/fp_26_air_26_release_notes.html |
| Apple | Media Software | iTunes: 12.6.2 – https://www.neowin.net/news/apple-releases-security-updates-for-itunes-and-icloud-for-windows |
| Cerulean | Instant Messaging | Trillian: 6.0 build 61 – https://www.trillian.im/changelog/windows/6.0/ |
| Citrix | Data Delivery | Receiver: 4.9 LTSR – http://docs.citrix.com/en-us/receiver/windows/current-release/about.html |
| Don Ho | Source Code Editor | Notepad++: 7.5 – https://notepad-plus-plus.org/news/notepad-7.5-released.html |
| FileZilla | FTP Solution | 3.27.1 – https://filezilla-project.org/versions.php |
| Foxit | PDF Reader | Reader: 8.3.2.25013 – https://www.foxitsoftware.com/pdf-reader/version-history.php |
| Google | Browser | Earth: 7.3.0 – https://support.google.com/earth/answer/40901?hl=en |
| Google | Browser | Chrome: 60.0.3112.113 – https://chromereleases.googleblog.com/2017/08/stable-channel-update-for-desktop_24.html |
| Malware Bytes | Malware Defender | 3.2 – https://www.malwarebytes.com/support/releasehistory/ |
| Mozilla | Browser and Email Client | Firefox: 55.0.3 – https://www.mozilla.org/en-US/firefox/55.0.3/releasenotes/ |
| Mozilla | Browser and Email Client | Thunderbird: 52.3.0 – https://www.mozilla.org/en-US/thunderbird/52.3.0/releasenotes/ |
| Realvnc | Remote Access Software | 6.2.0 – https://www.realvnc.com/en/connect/docs/desktop-release-notes.html |
| The Document Foundation | Office Suite | LibreOffice: 5.4.0 – https://wiki.documentfoundation.org/ReleaseNotes/5.4 |
| Wireshark | Network Protocol Analyzer | 2.4.0 – https://www.wireshark.org/docs/relnotes/wireshark-2.4.0.html |


Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.
