CoreTech Blog

CoreTech Blog

CoreTech has been serving the Bowling Green area since 2006, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Microsoft Does Some Patching Off Schedule

Microsoft Does Some Patching Off Schedule

To keep your business’ network free from threats, and to keep your software working effectively, patching the software it uses is extremely important. The reason is that the threat landscape is always evolving. Recently, Microsoft announced that they have released an emergency out-of-band security update to fix two security issues, an atypical act for the software giant. 

Typically, Microsoft releases patches on “patch Tuesday”, or every second Tuesday of the month, but because of the threats these vulnerabilities created, they went ahead and patched them. Let’s take a look at the two patches they released in their rare out-of-band patch. 

Internet Explorer Zero-Day

The major vulnerability that was patched was a zero-day vulnerability found in their antiquated Internet Browser, Internet Explorer. Being a zero-day vulnerability, it had already been exploited in the world, explaining the need for the unscheduled bug fix. 

Not much is known about the vulnerability, but Microsoft has suggested it was a remote code execution exploit that, if taken advantage of, could give an attacker complete control over the account of another user. The exploit requires that the hacked party click on a link in a phishing email while using Internet Explorer. 

Fortunately, IE is only used by under two percent of users, but attacks have already happened so remaining vigilant about any use of IE is important. Stay away from IE and you won’t have to worry about security problems coming from the old browser. 

Microsoft Defender DOS Bug

The second patched issue in the out-of-band patch was a denial of service exploit in Microsoft Defender, the antivirus shipped with Windows 10. The bug doesn’t seem to be overly troubling, as a hacker would need unfettered access to a computer and the ability to execute code. The code would disable Windows Defender’s components enough to give hackers access, and the ability to take over the system with malware or ransomware. 

Keeping your software patched and running smoothly is extremely important. Reach out to our expert IT technicians today to see how CoreTech can help you manage your system updates and software management at (270) 282-4926.

Why is URL Manipulation a Security Concern?
What is G Suite, Really?
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Tuesday, 17 December 2024

Captcha Image

About CoreTech

CoreTech has been serving the Kentucky area since 2006, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses. Our experience has allowed us to build and develop the infrastructure needed to keep our prices affordable and our clients up and running.

get a free quote

Recent News

Last week, we discussed why X—the social media network once known as Twitter—has been losing many users. Here, we wanted to direct those seeking a move to consider the up-and-coming platform known as Bluesky in case you were one of those jumping ship...

Contact Us

1711 Destiny Lane Suite 116
Bowling Green, Kentucky 42104

Mon to Fri 8:00am to 5:00pm

[email protected]

(270) 282-4926


Nashville Managed IT
Louisville and Lexington Managed IT
Bowling Green Managed IT
Clarksville Managed IT