The good news is Dell’s not detected any attacks in the wild. However, now bad actors have a new challenge, a puzzle to solve, a game with payoffs for them, and potential tragedy for their targets. Dell urges companies to install the update immediately.

Executives decide whether to accept the risk or provide teams with time to implement the two-step solution from Dell.

To exploit the security weakness, bad actors might effectively social engineer at least one user to click on a malicious link, open an infected attachment, or grant access to someone pretending to be a technical support professional.

Alternatively, the attacker can steal or guess the user’s password. For example, we are auditing a business right now and discovered the following passwords: Password, Password!, Password1, and Password123. Users choosing those passwords is NOT the IT professional’s fault.

Please forward this to your associates so they know that Dell is urging all affected customers to address this problem immediately.

Time is your team’s most precious asset, and this fix takes time. Discuss ways they can postpone other projects to address the problem before attackers start exploiting the vulnerability to potentially:

• Shut down systems
• Spread ransomware
• Threaten to expose stolen data
• Delete your data stored in the cloud or on your servers
• Or otherwise devastate organizations

Dell recommends acting immediately: dell.com/support/kbdoc/en-us/000186019/dsa-2021-088-dell-client-platform-security-update-for-dell-driver-insufficient-access-control-vulnerability

During the recent Pwn2own competition, a team demonstrated exploiting Exchange servers. With the new knowledge, attackers infiltrated servers before IT Professionals could apply patches. The Dell vulnerability could have the same outcome. Keep in mind that there are vastly more Dell computers in businesses than there are on-prem Exchange servers.

Interestingly, the vulnerability only exists if the IT Team is applying Dell’s patches and updates. However, if your team is not using Dell’s other security updates, that is a problem too. They might not have enough time and need your understanding when they need to reprioritize their tasks, have additional help, or automate some processes they must do manually.

The post Urgent Security Patch for Hundreds of Millions of Dell Computers appeared first on Foster Institute.

Intel advises that IT Professionals stop deploying the current versions of patches for the recently discovered security flaws in CPU chips. Find details, just updated, by searching:
Root Cause of Reboot Issue Identified Updated Guidance for Customers and Partners site:intel.com

Do not insert a space after the colon.

For most of you, deploying Microsoft patches is easy compared to managing Flash, Java, and browser updates. Oracle is releasing multiple security patches for Java SE. Additionally, if you are upgrading Chrome to the 64 bit version, Google is releasing new patches for that browser.

For executives wondering what to do at home, you may find it best to download fresh versions of any non-Microsoft browsers you use, and reinstall the most recent versions of Flash and Java, if you still use either, from https://get.adobe dot com/flashplayer/ or java dot com . Your Microsoft and/or Apple patches are likely configured to install automatically.

For both organizations and home office users, if you can remove Flash and/or Java from some or all of your computers, then you can forget about patching them. If you haven’t already, try it on a few computers. You may find that all of the websites essential to your business no longer require either. Worst case, you can re-install the most recent version.

Executives, please forward this to your IT Professionals. Be sure to, if you have not already, have a conversation with them about how aggressive you want them to be with patching. They can share the pros and cons with you. These days, an aggressive posture related to patches can increase your security dramatically, when handled properly. Provide them time to test the patches, test un-installing the patches, and then to deploy the patches in stages. They will also need to contact your cloud providers to discuss how they are handling the flaws and patches.

The post Patching Nightmare – Please Forward to Your IT Pros appeared first on Foster Institute.

Knowing that updates might cause a problem, please back up your computer first. You are backing up all the time already, right? Time Machine is a wonderful tool and is built in. If you want to supplement Time Machine with an additional backup, Carbon Copy Cloner from Bombich dot com is very popular and clients experience great results. You’ll need a couple of external USB drives, but the investment is worth it.

In case you are not familiar with how to apply patches, here are instructions:

On your Apple computer, even if your computer is set for automatic updates, it is good to verify that you have the most recent patches. Click on the image of the apple in the top left corner, and choose App Store. If not already selected, choose Updates inside the title bar that already contains the words: Featured, Top Charts, Categories, Purchased, and Updates. You may see many updates for your applications, and those are fine to apply, but the urgent one is the update called macOS Sierra Update and the version is 10.12.5. If you’ve not updated in a while, you may see other macOS updates too.

iPhone and iPad users, press on the Settings icon that looks like a gear. In the left-hand column, select General, and you’ll see Software Update on the right-hand column near the top. The most recent patch is for iOS 10.3.2.

If you want to configure automatic updates for your Apple computers, find instructions by searching for this phrase in Google: Automatic security updates os x site:apple.com

If you want to configure automatic updates for the iPhone and iPad, find instructions by searching for this phrase in Google: Automatic security downloads iOS site:apple.com

Please forward this to everyone you know who uses Apple devices and you want to help be more secure…

The post Get Apple’s Urgent Patches that Fix Dozens of Security Holes appeared first on Foster Institute.

Instructions for Windows and Apple home users are listed below the numbers. For organizations, here are 10 Steps To Avoid Incidents Including the Massive Ransomware Attack:

1. The reality is that most organizations are missing critical security patches and there is a very strong likelihood that yours is too.

2. Provide your team with extra time, and perhaps additional personnel, to test and then deploy patches ASAP. Some organizations are adding a new IT professional to their team whose sole responsibility is to manage patches. If the patch fails testing, then time must be invested to resolve the issue or implement compensating controls.

3. Prioritize critical security patches for the operating system, all the browsers, Flash, Java, your PDF Reader, and Microsoft Office. They are usually the easiest to attack and form your first line of defense.

4. Many IT teams are very reluctant to apply patches for fear of breaking your systems that are already running. Help remove their fears by reassuring them that you take on responsibility if the patch causes a problem. Encourage them to follow a procedure that mitigates risks:

5. Test Patches in a test environment that uses the same applications as the rest of your network. For very small companies, your test environment might be a single computer. For larger organizations, and organizations that stand to lose a great deal in the event of an attack, create a separate testing environment that is isolated from the production environment.

6. Have a pre-tested rollback plan so that, if the patch does cause a problem, your IT team will already know what they need to do right away to roll back a patch that causes an unexpected problem. They will then go back to the testing phase.

7. Deploy the patches in stages rather than patching all machines simultaneously. That way, even if the patch does cause a problem, not all your machines will be affected.

8. You may decide to empower your IT team with a patch management tool such as Ninite, LANGuard, Shavlik, or others. Allow them to test and choose a tool, and provide them with the means and time to do so, ASAP.

9. Ask IT, perhaps weekly and at least monthly, to provide you with a list of missing patches, not a pie chart.

10. You must upgrade from older operating systems, any of the ones that Microsoft no longer supports. If some machines cannot be upgraded, then they must be isolated or some other compensating control put into place. Microsoft clearly states when they stop producing patches for old operating systems.  So, there was no patch available for Windows XP and others.

Call me if they are not able to apply patches. Let’s team up to help prevent this.

At home, or if your organization is so small that you do not have an IT team or have an outsourced IT company that takes care of your patches, be sure that the option that provides automatic updates to Microsoft is enabled. The instructions are easy to find – just google the phrase: configure automatic updates site:Microsoft.com

Apple computer users, google: Automatic security updates os x site:apple.com

iPhone and iPad users, google: Automatic security downloads ios site:apple.com

Additionally, manually check for updates in Microsoft Office to be sure those are applied. Be sure that automatic updates are enabled in your browsers. Regularly download and apply patches to, or new versions of, Flash, Java, and your PDF reader.

Please forward this to everyone you care about and want to help stay secure.

The post Patching – 10 Steps to Seal the Holes in Your Armor appeared first on Foster Institute.

Patching VMware, which is often used as a platform for many of your other servers, can be frustrating. If the patch causes a problem, there is a risk that all your servers hosted on that machine will go down.

This is one of those risk vs. benefit decisions that is so important, business executives must be involved.

On the one hand, the patch could interrupt business, but not applying the patch could be considered reckless.

Test the patch prior to deployment, when possible. Having a pre-planned, if not pre-tested, roll-back plan is crucial in case the patch causes a problem.

Preferably patch one server at a time so that, if the patch does cause a problem, at least the interruption is limited to that server.

Without the patch, someone could run programs on your computer, potentially taking control of the server.

The patch fixes a vulnerability in the VMware Customer Experience Improvement Program, even if a customer is not participating in the program.

Please emphasize the last phrase to your IT pros.

Ask your IT pros to look at VMware’s information by searching for VMSA-2017-0007.

Please forward this to everyone who may be using VMware, so that they can alert their IT pros just in case they don’t know already.

The post Alert Your IT Team – Urgent Patch for Network Servers appeared first on Foster Institute.

Yesterday, someone told me their security was good since they only get infected by a few viruses each year.

Even a single infection means there is a possibility that their machines are already infected.

If one virus can get in, other undetectable viruses can too.

Unless security protections are very poor on a network or computer, visible virus infections are rare these days.

People who see virus infections need to act, including patching their Internet facing applications and enabling click-to-play. Those features already come with Windows and applications so there is nothing to buy or download. For more information, see foster institute dot come slash blog.

If you know someone whose computers on their network catch viruses, tell them the viruses are more like chest pain, not like the common cold. Infections are the sign of some greater damage that is about to, or already has, occurred.

The post Only One Virus is a Huge Problem appeared first on Foster Institute.

1. Keep critical operating system and application patches up to date, especially Flash, Java, Reader, and your browsers. Updates fix security loopholes in programs. The fear of a patch causing a program to malfunction can be reduced with proper testing, performing a staged rollout, and having a rollback plan.

2. Utilize Application Whitelisting. Application whitelisting allows you to specify what programs are permitted to run, such as Microsoft Office, your accounting program, and anything else your team needs for business purposes. Because of not being on the ok list, the majority of malicious software is blocked from running. The reason most companies don’t use application whitelisting is that their IT Pros know it can be a daunting process to set up and make it work well. Therefore, we can set that up for your IT pros. Why should they need to learn something when it only needs to be done once? The upkeep can be simple from then on.

3. Reduce the number of users with Local Admin rights as much as possible. This removes a user’s ability to install programs on their computer. As a result, it greatly hinders the ability for attackers to install malicious software too.

Other than implementation, none of those cost any money. You already paid for the technology. Emphasize the importance of, and support your IT Pros, as they implement these 3 powerful controls in your network.

Wishing you a thankful week and thank you all for remembering cyber-security as part of your main strategy for successful business operations!

The post Cyber Security’s Three Essential Steps appeared first on Foster Institute.

Help protect yourself at the foundation: First, discuss and determine how aggressive you want to be with your patches – and get them applied. Second, be sure to make users something other than local administrators.

The post Hacking Easier than Protection appeared first on Foster Institute.

Microsoft presents the feature to users saying, “Download apps and OS updates from multiple sources to get them more quickly”.

Think about it and it sort of makes sense. Rather than every computer on the planet having to go to Microsoft’s servers to download patches and apps, Windows 10 computers can reach out to other Windows 10 computers and obtain the patch from them. This helps prevent Microsoft’s servers from becoming overloaded, and can allow your computer to receive patches and apps sooner. Ultimately, this can even reduce the amount of traffic flowing on the Internet in general.

Microsoft has built in strong security – though security can be broken.

Microsoft does their best not to use your computer to deliver patches if you are connected to the Internet using a mobile hotspot – helping you avoid unexpected data charges. You can also specify what Wi-Fi connections are charged as metered networks.

One concern is that, if your computer is being used to deliver updates, your Internet connection may slow down. Or, perhaps you don’t want your computer to be, what some users may feel is, a zombie for Microsoft to use as part of their patch delivery mechanism.

How to turn this feature off in Windows 10: Go to the Start button icon, choose Settings > Update & Security > Windows Update > Advanced Options. You can choose to not participate, or to select either PCs on your local network only, or PCs on your local network and PCs on the Internet”

Please help spread the word and forward this newsletter on to those you care about!

The post Microsoft Using Your Computer To Deliver Software appeared first on Foster Institute.

A benefit of knowing when to expect patches is that patch time could be planned in advance. Now your IT Pros will have to be vigilant about applying Microsoft patches any time of the month. That’s the way it is with Adobe Flash, Java, PDF Reader, and browser patches.

And, patches do you no good until they are installed on your systems.

Applying patches is one of the best things you can do to protect against hacker attacks.

3 Cardinal rules for patches:

First, test the patches. Patches sometimes cause problems, especially Java patches, so they have to be tested. Test them ASAP so you can deploy them ASAP.

Second, use a staged deployment. Patches need to be deployed first to a few machines, then more, then to the rest of your network. That way, if a patch causes a problem, not everyone is down at the same time.

Third, always have a plan on how to “roll back” the patches if they do cause a problem. That’s just another reason to always have good backups and test your ability to restore.

Microsoft says the new “ASAP” patch release proactive will start when Windows 10 is released. That will probably be in July 2015.

Please post your comments below…

The post Huge Change in Scheduled Patches appeared first on Foster Institute.