You Need to Turn Off Auto-Updates Now
It’s been reported that MeDoc, a third-party accounting software, is the source of the latest global ransomware attack. Security experts say accounting program provider MeDoc was breached and the NotPetya ransomware was spread via forced automatic updates. This new attack, given the title ‘NotPetya’ by Kaspersky, has so far been detected in Poland, Italy, Germany, France, the US, the UK, Russia, and Ukraine. This is yet another global ransomware event within a month.
While patching is vitally important, many recent attacks have seen successes against Microsoft Software, which is much more likely to be kept up to date than third-party content. Third-party software tends to be left for last, or forgotten about, and could pose a greater vulnerability to your systems.
NotPetya has highlighted the danger of relying on auto updates to secure your operating systems and third party applications. CMS has always recommended disabling auto updates in apps and OS to allow you to properly test, pilot and control distribution of updates.
Over the years, Microsoft has released many defective updates causing errors and blue screens, leading to cumbersome patch recalls. Typically, patches do not go through the same level of testing as a full software release, which creates risk for your business.
Systems Management best practices is to test patches on all images, then use a controlled, staged distribution. With CMS, creating a strategic deployment is rapid, reliable, and stable. We have the leading library of third-party vendors and are always adding more based on customer recommendations.
Turn off auto-updates and trial Syxsense today!
Third-Party Updates
Every month we see a bevy of new third party updates, and are always enhancing our library of supported vendors. Special requests and additions are welcomed. This month’s releases include:
| Product | Category | Patch |
| Chrome | Web Browser | Chrome_v59.0.3071.115 |
| Wireshark | Network Protocol Analyzer | Wireshark_2.2.7 |
| Firefox | Web Browser | Firefox_v54.0 |
| Thunderbird | Email Client | Thunderbird_v52.2.1 |
| Glary Utilities | PC cleanup | Glary_v5.78 |
| AIMP | Audio Player | AIMP_v4.13.1897 |
| LibreOffice | Document Manager | LibreOffice_v5.3.4 |
| ImgBurn | Image Burner | ImgBurn_v2.5.8.0 |
| Trillian | Instant Messenger | Trillian_6.0 Build 59 |
| Notepad++ | Source Code Editor | Notepad++_7.4.2 |
| Citrix Receiver | CitrixReceiver_v4.8 |
| Patch | Details |
| Chrome_58.0.3029.140 | Includes bug fixes, security updates, and feature enhancements.
However, the following devices are NOT live with this update. AOpen Chromebox Commercial Dell Chromebook 11 (3120) Enguarde based 11″ Chromebooks HP Chromebook 11 2100-2299 / HP Chromebook 11 G4/G4 EE /Â HP Chromebook 11 G3 HP Chromebook 14 ak000-099 / HP Chromebook 14 G4 Lenovo ThinkPad 11e Chromebook
|
| Wireshark_2.2.7 | Bug fixes and updated protocol support
|
| Firefox_54.0 | Added Burmese locale. Added support for multiple content processes (e10s-multi). Simplified the download button and download status panel. Various security fixes.
|
| Thunderbird_52.2.1 | Fixed: Problems with Gmail (folders not showing, repeated email download, etc.)
|
| Glary_v5.78 | New UI and enhancements
|
| AIMP_v4.13.1897 | Common: localization have been updated
Audio Converter: special build of LAME codec with unicode file names support has been added Fixed: Sound Engine – some scrunchies can be heard when stopping playback by closing the application Fixed: Sound Engine – app hangs on lost the audio focus if DirectSound method is used for output Fixed: Playlist – playlists with relative paths in AIMPPL4 format are imported incorrectly if file path is started form + or – character Fixed: Tag Editor – WAV-file that was edited in AIMP opens in Adobe Audition with the “meta data is corrupted” message in some cases Small bugs were fixed.
|
| LibreOffice_v5.3.4 | New features and bug fixes.
|
| ImgBurn_v2.5.8.0 | Bug fixes.
|
| Trillian_6.0 Build 59 | Fixed:
Bot: Proper message headers for previous message history from bots Media: Screen capture could fail on a certain display bit depth Message Window: Fixed issues related to closing the second message window with the single tab setting. Settings: Properly show Trillian 5 license information in account area What’s New: Translations not working correctly.
|
| Notepad++_7.4.2 | Fixed:
Add SWIFT language support. Fix replace in files regression. Enhance Find Replace dialog (resizable & remove search direction radio buttons). Fix a crash issue while doing a column insertion on a CJK unicode document. Fix repeated notification dialog for modification from outside of Notepad++. Fix a visual glitchy during tab drag and drop.
|
Get Started
Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.
