By Gerry Grant, Chief Security Officer.
It has been quite a week in Cyber Security and it’s only Wednesday. First of all we heard about a flaw in the popular messaging app WhatsApp that allowed attackers to track phones and messages. This vulnerability was developed by a specialist company and sold to, probably, nation states who wanted to track various individuals. Let’s be clear, although this was concerning, it was likely a highly targeted attack that most of us need not worry too much about. Thankfully WhatsApp has released an update that closes this security hole, so if you haven’t already then now is the time to update that particular app.
Whilst talking about updates, Tuesday was ‘Microsoft Patch Tuesday’, the day when Microsoft release updates to most of their products. And boy, it was a big one.
Included in these latest updates is one that closes a security vulnerability that looks like one of the most serious in a few years. Microsoft are so concerned about this particular vulnerability that they have even released patches for older operating systems such as Windows XP, which they have not updated in the last 5 years.
According to reports the vulnerability is ‘wormable’. This means that any malware that exploits this security flaw can easily spread from computer to computer. The flaw has been found in the RDP protocol, which is a common way used to connect remotely to computers and is frequently used to allow others to connect to your computer to allow them to help diagnose and resolve IT problems.
The vulnerability does not exist in newer Microsoft Operating systems such as Windows 10, but is exploitable in operating systems such as Windows XP and Windows 7. The advice is to update ALL devices as soon as possible and if you are still using Windows 7 or before, now is the time to seriously consider updating to Windows 10.
For support, please get in-touch.