Reported by Microsoft on January 17, the company admitted to another vulnerability in the older versions of its Windows products. A vulnerability in the remote code execution (RCE) was found in the scripting engine of Internet Explorer (IE). The vulnerability applies to all versions of IE on Windows, which can corrupt memory so that attackers can execute arbitrary code. Programs include Internet Explorer and Windows Server 2008 through to Windows 2018.
Source: Microsoft Windows 7 Download at Microsoft, updated January 2020
The vulnerability works so that an attacker could execute code in the context of the current user – meaning that a hacker could gain the same user rights as the current user on the system. “If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system.” This would allow them to then install malicious programs, delete data, or create new accounts remotely. Microsoft further explained the attack method would most likely be “a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.”
Microsoft is aware of limited targeted attacks that have already taken advantage of this vulnerability. However, a patch won’t be released until next month’s Patch Tuesday. Internet Explorer and older versions of Windows still have a high user rate among businesses. Windows 7 has the second largest market share of all desktop operating systems at 32.74%. This user rate is only beaten by its successor, Windows 10 at 47.65%. This means devices are using unsupported Windows 7 today. These devices are currently an extreme security risk.
One solution is to simply use another browser. For businesses that are unable to move away from the old Internet Explorer and Servers for operational reasons, there are some additional mitigation factors they could consider. Running the programs in a restricted mode will reduce the chance of malicious content from being able to make changes on the devices. ØPatch has created a temporary micro patch to address the problem to use as a stopgap until Patch Tuesday. Users of Windows 7 and older Windows products should be vigilant against any unsolicited emails that may be attempting to direct you to a malicious site.
The Department of Justice is looking to acquire a GRC tool for the Office of the CIO within the FBI’s Enterprise Information Security Section.
Google has identified “unsafe” code in the Chromium web browser engine. This flaw introduces a potential vulnerability that effects Google Chrome, as well as all Chromium-based web browsers.
The International Association of Privacy Professionals (IAPP) has released its 2020 Privacy Tech Vendor report, reviewing key software solution vendors within the space. This year’s report highlighted the recent addition of Data Subject Request (DSR) to the feature categories.
Among the full set of features available in Zecurion’s new DLP product is the ability to perform user behavior analytics to help spot data loss events before they occur.
Zecurion has one of the most robust DLP products on the market and this fact was recently recognized by SC Magazine, who placed the product in its “pick-of-the-litter" category for DLP.
In early March, Titus released Titus Illuminate 2020, which was the company’s answer to the question of analyzing data at rest. This latest version of Illuminate leverages machine learning and AI in an effort to manage data that contains potentially sensitive or high-risk personal information.
More than ever, cybersecurity solutions are core to any MSPs offering. No longer should technology service providers be farming this out to dedicated security providers. Trust and peace of mind are the core tenets of what they are selling and solutions like Acronis Cyber Protect Cloud can provide the platform upon which to deliver on those promises.
PHEMI is a data privacy solution focused on keeping data-processing activities secure by redacting information based on the role of the accessor. Thus, allowing such data to be used for multiple use cases without compromising privacy.
Kenna Security deployed their new data driven vulnerability management program, Kenna.VM and accessory program, Kenna.VI. Released on April 28th, Kenna.VM was created with the purpose to set service-level agreements (SLAs) with risk tolerance in mind.