WinShock: are you protected?

We’ve already blogged on some of the recent highly publicised security threats to computer systems, such asHeartbleed and Shellshock.

One thing that brought security breaches like Heartbleed to widespread attention was the fact that they were just as potent a threat to Macs as to Windows PCs.It’s easy to panic in the face of these stories, but many of these bugs have only limited impact. Others can be potentially serious, but for a variety of reasons there are only limited opportunities to exploit them.

Now it’s Windows’ turn again; a new vulnerability has come to light which does appear to warrant pre-emptive action, and it affects many functions across Windows. Located in a fundamental component of Windows called sChannel, this new security weakness can affect both workstations and servers. There is a patch, but it has to be installed, and without it PCs remain highly vulnerable. The significant points raised in the linked article are the ‘attack surface’, which covers pretty much any unpatched Windows computer, and the proofs of exploit that have been published by web security giants BeyondTrust and IT Immunity.

Because of this, at Modalit we have decided to ensure that all of our customers’ servers are completely up to date. We started last week and we hope to be finished by the end of next week; all the work is being done out of hours. There is a small risk that the updating process will cause problems on some servers, which is something that can happen any time – but in this case the benefits outweigh any difficulties that might arise. We are taking every care to minimise any disruption.

At the same time, we strongly suggest that everybody reading this checks their Windows PCs over the next few weeks, to make sure everything is up-to-date. It appears from our monitoring that PCs are updating automatically, but this should be verified by checking manually. To do this, check Windows Update:
• Go to Start > Control panel and select Windows Update
• Click on Check for Updates and install any updates that are marked as important or critical.
• Restart the computer and repeat to make sure.

We advise our clients to get in touch if they need any help you need any assistance with this.