<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=573132769549581&amp;ev=PageView&amp;noscript=1">
A Good Place to Start to Stay Safe from Cyber Criminals Blog Feature
Shaun Steiner

By: Shaun Steiner on May 24th, 2019

Print/Save as PDF

A Good Place to Start to Stay Safe from Cyber Criminals

Cyber Security

Trying to keep up-to-date on how to stay safe from cyber criminals these days can be nearly impossible. Most have no idea how or where to even begin.

There are plenty of security measures to consider, but a good place to start would be to run the suggested updates on your computers and mobile devices. I know it’s tempting to push the “Maybe Later” button when they pop up, but these updates are for your own safety. Sometimes they add software features, but many times, they’re fixing bugs and plugging security holes.

Installing these updates when they come out can help avoid major security problems, such as the one Microsoft is doing its best to fix right now.

A Current Microsoft Vulnerability

A vulnerability known as “BlueKeep” has been discovered in Microsoft’s Remote Desktop Services. Hackers can take advantage of this security hole remotely and can run code on your computer without your knowledge or consent.

This means the hacker doesn’t need you to accidentally click on one of their pop-ups or any of their other tricks. Once they get into your system, they can get to your files, install programs, access different user accounts – basically, do whatever they want.

Have any banking or financial information on your computer? Client information? Yup, they’d have access to all of it if they got in through this security hole!

Protecting Yourself from BlueKeep

The good news is that if you’re using a Windows 8 or 10 machine, you’re good. This threat doesn’t affect those systems.

And if you’re diligent about installing updates, or “patches” as they’re often referred to, on supported systems, you should be good to go. Microsoft released patches for Windows 7 and Server 2008 in their most recent Patch Tuesday.

Microsoft has also issued patches for Windows XP, Vista, and Server 2003, which is uncommon since those systems have been out-of-support for several years. You’ll have to download and install them yourself though – they won’t be sent automatically.

What If I Don’t (or Can’t) Patch?

Microsoft strongly suggests patching vulnerable systems, but they have offered a few mitigations and workarounds that could help keep you safe in the meantime.

  • Disable Remote Desktop Services if they are not required.
  • Enable Network Level Authentication (NLA) on systems running supported editions of Windows 7, Windows Server 2008, and Windows Server 2008 R2.
  • Block TCP port 3389 at the enterprise perimeter firewall.

Source: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708

If you need help keeping your business safe from this threat or others, feel free to reach out to us any time.

 

About Shaun Steiner

Shaun Steiner is a Client Success Consultant at Accent Computer Solutions, Inc. He earned his B.A. in Communications from Ohio University in 2003, and MBA in Business Management from Nova Southeastern University in 2007. Shaun is passionate about finding ways to dramatically improve the IT experience for Southern California businesses & agencies. In his role as a Client Success Consultant, Shaun helps coach high-level executives through various complex technical solutions, and helps demystify what they can’t quite put our finger on when it comes to IT.