Advantage IT Management Blog

Advantage IT Management has been serving the Mobile area since 2005, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Microsoft May Have Opened Up Millions of PCs to a Potential Cybersecurity Threat

Microsoft May Have Opened Up Millions of PCs to a Potential Cybersecurity Threat

Microsoft generally takes security very seriously, and for the most part, if you keep your Windows and Server operating systems updated, you can generally depend on some base-level security and stability. Unfortunately, it was recently discovered that, for almost two years, a very critical defense mechanism within Windows wasn’t being properly secured.

Microsoft’s “Bring Your Own Vulnerable Driver” Exploit

Microsoft’s Windows Update tool is supposed to automatically add vulnerable software drivers to a blocklist.

Basically, a driver is a piece of software on your computer that controls hardware. While your computer is first being built and set up, it requires proper drivers for each individual piece of equipment on it. Like all software, a driver can have a vulnerability in it that allows bad actors to exploit it. This tends to give them some level of access to your PC, which allows them to cause trouble.

Unfortunately, Microsoft’s Windows Update tool hasn’t been managing this block list, despite the fact that Microsoft has been adamant about it over the last few years. While you might be getting security updates and patches, this one particular line of defense hasn’t been getting fortified, and it’s been causing issues over the last few months for a lot of people.

This allows bad actors to push any known vulnerable driver to the PC and then utilize those vulnerabilities to get whatever access they want.

This isn’t something new either. This type of exploit has been around for over a decade, but there has been a huge increase over the last few years, and broad scale attacks often target this type of vulnerability. 

Microsoft is scrambling to work on a fix and claims that something is coming in an upcoming Windows Update to address this.

For many businesses, the best way to ensure that their PCs are safe involves preventing users from being able to install and configure things on their work devices. While it won’t protect your organization from every vulnerability under the sun, it does offer a very solid baseline of protection. If a user can’t install software on a device, there are fewer opportunities for vulnerabilities.

We can help lock down your network to make it much easier to keep it secure, and our ongoing management and maintenance will keep every device on your network updated and as secure as possible.

If you are concerned about your cybersecurity, give us a call at 251-662-9770 today.

Why BEC is Such a Negative Circumstance for Any Or...
Explaining the Lack of Reliability of the Printer
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, November 27 2022

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

kanwal liaquat Most Noteworthy Data Breaches in 2019
24 August 2021
I agree with you data security is like a joke. Your data is never saved once you step on the interne...
RyanMcCawley Is it Wrong to Purchase Access to Your Own Data?
11 November 2020
As we know there are so many colleges and universities. From http://www.carwrapsanantonio.net/ stude...
WilliamMMartin What You Need to Know to Manage a Remote Workforce
29 April 2020
Managing a remote workforce is tough, but now a day it is the requirement and we all need to take ca...
Malcolm Quinn Gmail and the G Suite Get Overhauled with A.I.
13 April 2020
Some of the sites on the link can be overhauled and users can get different advantages. On the other...
Avye Goodwin ALERT: Change Your Twitter Password, Says Twitter
25 March 2020
When you create your Twitter account you have to make your password secure and healthy so that you c...