Windows Vulnerability

May 15, 2017, 2:38 pm
Windows 10

In view of recent events that have highlighted the persistent risk of the threat posed by cyber-attacks
(http://www.bbc.co.uk/news/health-39899646) we strongly advise our customers to apply the following security update, released by Microsoft on March 14th this year: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx?f=255&MSPPError=-2147217396 , if not having done so already.

Microsoft have announced a vulnerability in Microsoft Server Message Block 1.0 (SMBv1) server today. This service (SMB) is utilised to present shares, printers and more on a Microsoft Domain network.

This vulnerability exposes core Active directory components to Remote Code Execution from unauthenticated attackers. They would be able to execute any code they wished to potentially gain access to the entire network. The patches Microsoft have provided should be tested installed as a matter of urgency.

Specific Security reports of the Common Vulnerabilities and Exposures (CVEs) are below –

Windows SMB Remote Code Execution Vulnerability : CVE-2017-0143 Windows SMB Remote Code Execution Vulnerability : CVE-2017-0144 Windows SMB Remote Code Execution Vulnerability : CVE-2017-0145 Windows SMB Remote Code Execution Vulnerability : CVE-2017-0146 Windows SMB Remote Code Execution Vulnerability : CVE-2017-0148

The released patches target the SMBv1 service and the way it handles the particular requests that can be used to exploit it.

Please be assured that ES Systems continues to take the necessary measures to ensure that our IT environment remains secure, in order that our customers, who depend on the resilience of our infrastructure for continuous service, remain secure also.

If you require any help updating Windows, please get in touch with our support team on 0191-371-2392 or email support@essystems.co.uk.

 

 

Remote Support?

Do you require our remote support? Click the box below to activate our support tool.

Download close-icon