iTSTL Blog

iTSTL has been serving the Missouri area since 2015, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Whoops! Microsoft Update Has Been Missing This Critical Security Vulnerability

Whoops! Microsoft Update Has Been Missing This Critical Security Vulnerability

For the most part, Microsoft takes security as seriously as it should, issuing updates and patches to maintain your Windows and Server operating systems. While you can count on receiving these updates for your supported operating systems, what you might not have known is that Microsoft accidentally overlooked a flaw in its own defenses.

The Flaw is in Vulnerable Drivers

Microsoft has a Windows Update tool that is supposed to detect and add vulnerable software drivers to a blocklist.

Drivers are the bits of software that help your computer interface with various hardware. Without the driver properly installed and updated, the hardware doesn’t behave the way it should. Of course, we’re talking about software here, so drivers can be just as vulnerable to threats as any other software can, and because of their functionality, they have access to systems on your PC that can cause problems.

Well, Microsoft’s Windows Update tool hasn’t been managing the block list, even though Microsoft has insisted on reinforcing it. You may have been receiving updates and patches as needed, but this is one particular piece of security that has not been updated.

This flaw gives threats the ability to push any known vulnerable driver to your PC, then use those vulnerabilities to their advantage. These types of flaws are not new or unheard of; they have been around for at least a decade, and the large increase in threats over the past several years can be attributed to this vulnerability. Attackers like to cast wide nets using easy-to-leverage vulnerabilities, and this one fits the profile just fine.

Microsoft has been working on a fix and says that something will be coming with the next Windows update.

Businesses usually want to prevent their users from installing and configuring new devices on their work PCs, and this is a sound strategy to prevent many threats from striking your business. It’s not a magical cure-all, but it will go a long way.

If you’re ready to protect your network from external threats, know that iTSTL is ready and able to assist your business with implementing enterprise-grade security solutions. All you have to do to get started is call us today. You can reach us at (314)828-1234.

Clearing an Android Device’s Cache
Network Segmentation is a Smart Move for Business ...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Wednesday, 18 December 2024

Captcha Image

Customer Login


News & Updates

iTSTL is proud to announce the launch of our new website at www.itstl.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what iTSTL can do for your business.

iTSTL
10 Fenton PLZ Suite #1665
Fenton, Missouri 63026