Cynch Security

View Original

Worrying New Issue Found in Older Windows Servers

Like clockwork, Microsoft released their regular monthly updates this week. You might have noticed it pop up right as you were getting ready to leave the office for the night or as a notification at the most annoying possible moment while you were in the middle of something important. As we do each month at Cynch when these updates are released, we flagged this for our member businesses to take a look at and spent a bit of time looking into ourselves for anything interesting.

Unlike every other month, Microsoft took the rare step this time around to release an update for unsupported versions of Windows going all the way back to Windows XP. The last time this happened was in 2017 when businesses and organisations that failed to install the updates in time experiencing the $10 Billion impact of WannaCry and NotPetya.

Why small businesses need to act today

Businesses of all sizes are more reliant on technology today than they’ve ever been before. The challenge for smaller businesses though is keeping up with frequent changes in technology in amongst the other stuff that just has to get done. With limited time and budget, things like upgrading the server that has been going fine for the past 4-5 years simply never get a look in until it really can’t be put off any longer.

More than 2 million Windows machines connected to the Internet potentially vulnerable to CVE-2019-0708.

It’s these servers and older desktops or laptops, particularly if they can be accessed remotely, that Microsoft are seriously concerned about and could soon be under attack. If business owners don’t start taking action, starting today if possible, these older machines could bring about a serious cyber incident that for some might mean the last day of operation.

Right now there are more than 2 Million machines connected to the Internet globally that might need to install this update, thousands of which are supporting small businesses.

Where should small business owners start?

If you’re a small business owner that uses Microsoft Windows here are our recommendations on what you should be doing starting today.

Windows Update Cyber Sprint

  1. Start by contacting whoever it is that manages your Windows machines. Do this today!

    They can find more technical details of what this is all about here: Microsoft Update Announcement

  2. Work with your technical support person to understand how urgent it is to install these updates.

    We’ve put together the following tool to help you figure this out if you’re unsure: CVE-2019-0708 Prioritisation Tool

  3. Schedule in a time for the update to be installed. This will need your servers to be down for a bit so pick a time that doesn’t impact you too much, just make sure it’s soon!

  4. Work with your team to deploy the update on affected machines.

  5. Test that everything is working as it should be after the update is installed.

  6. Check that updates have been installed on the other laptops and desktops in your business.

  7. Schedule in a security review. Discuss and look to answer the following questions:

    • Do we still need this server?

    • If we still need it, can it be upgraded to the latest version of Windows?

    • How long would it normally have taken us to install this update?

    • Does this server still need to be accessed remotely?

    • How else can we secure our Windows systems?

  8. Take a breath, relax for a bit and enjoy a well earned drink 🍻

The Australian Cyber Security Centre (ACSC) has also released some general guidance for Australian businesses on this issue here: https://www.cyber.gov.au/news/patch-to-protect-your-business

We try hard not to spread fear when it comes to cyber security, but knowing how important these older Microsoft Windows systems can be for a small business we believed in this instance it was important to spread the word.

Please email us hello@cynch.com.au if you have any questions about the update from Microsoft or any other concerns you might have about the cyber risks to your small business.