by Mark | Jun 12, 2016 | Patch Management
Assess your Security Risk
Are you aware of the potential security risks facing your business? Cyber threats are becoming increasingly sophisticated and can have a devastating impact on your company’s reputation and finances. In this article, we’ll show you how to assess your security risk and take steps to protect your business from harm.
Identifying Your Security Risks
To begin, you need to identify your security risks. Microsoft has a great tool that can help you do this. By filling out a simple form, you can assign a dollar value to each of the security risks your business faces. Microsoft provides examples for each of the items to help you make an accurate assessment.
The following are some of the potential risks you may face:
Accidental Data Leakage:
This can occur when employees accidentally share sensitive information, such as customer data, with unauthorized parties.
Malware:
This is a type of software designed to harm your computer system, steal your data, or take control of your devices.
Insider Threat:
This is a risk posed by employees or contractors who may intentionally or unintentionally compromise your security.
Identity Theft:
This is when someone steals personal information, such as social security numbers or bank account details, and uses it for fraudulent purposes.
Malicious Access of Data from Personal Devices:
This can occur when employees use personal devices to access company data, making it vulnerable to security breaches.
Weak Passwords:
This is when passwords are easy to guess or are reused across multiple accounts, making them vulnerable to hacking attempts.
Social Engineering:
This is a tactic used by attackers to trick employees into divulging sensitive information or performing actions that compromise security.
Loss/Corruption of Data:
This can occur due to hardware failures, power outages, or natural disasters, such as floods or fires.
Misconfigured Systems:
This can occur when systems are not configured correctly, leaving them vulnerable to attack.
Outdated Operating System:
This is when systems are not updated to the latest software, leaving them open to known vulnerabilities.
Lack of Encryption:
This is when sensitive data is not encrypted, leaving it vulnerable to theft.
Equipment Failures:
This can occur when hardware such as servers, routers, or switches, fail due to aging, misuse, or other factors.
Unpatched Vulnerabilities:
This is when known security vulnerabilities are not addressed, leaving your system open to attack.
Untrained Employees:
This is when employees lack the knowledge or training to identify security risks or take appropriate action.
Taking Action to Mitigate Risks
Once you’ve identified your security risks, you can take steps to mitigate them. One way to do this is by patching your servers to protect against known vulnerabilities. However, this can be a difficult process, especially if you lack adequate rollback capabilities in case of a problem with the deployed update.
That’s where SnaPatch can help. This software takes a snapshot of your virtual servers and only deploys updates if the snapshot is successful. If the snapshot fails, no updates are deployed. The process is automated, and you receive email updates during the snapshot and deployment.
Protect Your Business Today
Don’t wait until a security breach occurs to take action. Assess your security risk today and take steps to protect your business from potential harm. With the right tools and knowledge, you can safeguard your company’s reputation and finances against cyber threats.
While you are here, I came across a great page from Microsoft that will help you assess your security risk.
Fill out the form with a dollar value for each of the options you choose and it will help you see how each of these breaches of security cost your company lost revenue. (If your not sure of the $ value, Microsoft has some examples for each of the items and their associated costs.)
The threat risk assessment covers the following;
- Accidental Data Leakage
- Malware
- Insider Threat
- Identity Theft
- Malicious Access of data from personal devices
- Weak Passwords
- Social Engineering
- Loss/corruption of data
- Misconfigured Systems
- Outdated Operating System
- Lack of Encryption
- Equipment Failures
- Unpatched Vulnerabilities
- Untrained Empoyees
https://www.microsoft.com/security/security-risk-assessment/index.html?Ocid=C+E%20Social%20FY16_Social_TW_msftsecurity_20160610_489464562#/
If patching your server fleet is difficult to get approved through your change approval board, for lack of adequate roll back in case of an issue with a deployed update, SnaPatch can help. SnaPatch will take a snapshot of your virtual servers (Vmware of HyperV) and only if the snapshot is successful, will it then allow your existing System Centre Configuration Manager (SCCM) to deploy updates to those servers. If the snapshot isnt successful, then no updates are deployed. The whole process is automated with email updates during the snapshot and deployment. Find out more @ Smikar Software
by Mark | Dec 30, 2015 | Features, Patch Management, Patch Releases, SCCM
Adobe Flash Player – Critical Security updates released
Adobe has released critical security updates for Adobe Flash Player this month
These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.
The exploit for CVE-2015-8651 is being used in limited, targeted attacks.
Effected versions are;
- Adobe Flash Player Desktop Runtime 20.0.0.235 and earlier
- Adobe Flash Player Extended Support Release 18.0.0.268 and earlier
- Adobe Flash Player for Google Chrom e20.0.0.228 and earlier
- Adobe Flash Player for Microsoft Edge and Internet Explorer 1120.0.0.228 and earlier
- Adobe Flash Player for Internet Explorer 10 and 1120.0.0.228 and earlier
- Adobe Flash Player for Linux 11.2.202.554 and earlier
- AIR Desktop Runtime 20.0.0.204 and earlier
- AIR SDK20.0.0.204 and earlier
- AIR SDK & Compile r20.0.0.204 and earlier
- AIR for Android 20.0.0.204 and earlier
Effecting Windows, Macintosh, Android and IOS devices
Adobe has relased a security update that fixes the vulnerability. Users are advised to update their versions of Flash to the latest versions available on the Adobe website.
Details on how to update and remediate this issue supplied by Adobe below;
- Adobe recommends users of the Adobe Flash Player Desktop Runtime for Windows and Macintosh update to 20.0.0.267 by visiting the Adobe Flash Player Download Center, or via the update mechanism within the product when prompted.
- Adobe recommends users of the Adobe Flash Player Extended Support Release should update to version 18.0.0.324 by visiting http://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html.
- Adobe recommends users of Adobe Flash Player for Linux update to Adobe Flash Player 11.2.202.559 by visiting the Adobe Flash Player Download Center.
- Adobe Flash Player installed with Google Chrome will be automatically updated to the latest Google Chrome version, which will include Adobe Flash Player 20.0.0.267 for Windows, Macintosh, Linux and Chrome OS.
- Adobe Flash Player installed with Microsoft Edge and Internet Explorer for Windows 10 will be automatically updated to the latest version, which will include Adobe Flash Player 20.0.0.267.
- Adobe Flash Player installed with Internet Explorer for Windows 8.x will be automatically updated to the latest version, which will include Adobe Flash Player 20.0.0.267.
- Adobe recommends users of the AIR desktop runtime, AIR SDK and AIR SDK & Compiler update to version 20.0.0.233 by visiting the AIR download center or the AIR developer center.
- Please visit the Flash Player Help page for assistance in installing Flash Player.
by Mark | Dec 14, 2015 | How To, Patch Management, Patch Releases, SCCM
The Ultimate Patch Management Strategy to Alleviate Your Pain
Are you tired of experiencing patch management pain every time you need to update and patch your servers? If yes, then you are not alone. Many administrators have found themselves in a daunting task of keeping their servers and workstations up to date. Fortunately, creating a great patch management strategy is not as complicated as you might think. In this article, we will show you how to implement an effective patch management strategy that will remove the pain from your process.
Infrastructure is Key
The first step towards having an effective patch management strategy is having the correct infrastructure in place. Fortunately, there are several fantastic tools that have been developed by Microsoft, such as Microsoft System Centre Configuration Manager (SCCM), Windows Update Services (WSUS), and Windows Update for Business (WUB). These tools can be used to keep your servers and workstations up to date, and they all report on patching compliance. Additionally, you can set them to deploy updates as you define, which makes the process more manageable
The Ideal World
In an ideal world, where you have Development/Test, UAT, and Production environments that mimic one another, you can successfully deploy security updates to the lower environments. This allows you to perform successful UAT to ensure that no new issues are introduced by any of the patches. Should a patch cause an issue, you can stop deployment to your Production servers, delaying deployment until a fix has been released that will address the issue or not deploying the patch at all.
The Real World
Unfortunately, not everyone has the luxury of lower environments that match the Production environment. The ability to successfully UAT patches prior to deployment to Production systems isn’t available to most administrators, making the patch deployment process fraught with risk. Administrators would have to manually confirm all backups were successful prior and perform and confirm a successful snapshot of their virtual servers for added confidence. Only then could they deploy the updates to their client servers, typically outside of business hours. If there was an issue that arose from a patch, many late-night hours would be spent either trying to uninstall the patch (if that worked) or restoring from tape backup. Either way, it was many hours and weekends late at night keeping everything up to date.
How We Can Help
We understand the pain that comes with patch management, and we have a solution to help you. SnaPatch Patch Management Software interfaces with Microsoft’s SCCM and VMWare’s vCentre and Microsoft’s System Centre Virtual Machine Manager, also known as SCVMM. This software automates the patch deployment process and allows administrators to have their weekends back. With the SnaPatch console, you can choose the servers you want to patch, what patches you want to deploy, what servers you require to be snapshotted, and what time you would like this all scheduled (a maintenance window will be set for this deployment). SnaPatch will automate all this and alert you with progress emails. Should a server’s snapshot not be successful, you will be alerted by email, and that server will be excluded from patch deployment. Should an issue arise with one of the deployed patches, you can either uninstall the patch, revert to the snapshot created by SnaPatch, or restore from backup tape.
SnaPatch – Your Solution
SnaPatch is the best patch management add-on for Microsoft’s SCCM that will help you alleviate the patching risk. With our software, you can simplify your patch management process and enjoy your weekends without the hassle of patching. Like our motto says, “Let’s make Administration EASY!” Contact us today to learn more about how SnaPatch can help you.
by Mark | Dec 11, 2015 | How To, Patch Management, Patch Releases
How to Fix Outlook 2010 Only Starting in Safe Mode Issue (KB3114409)
If you are experiencing issues with Outlook 2010 only starting in Safe Mode, you are not alone. The recent Microsoft Patch releases have caused an issue that was meant to be prevented instead of fixed. Fortunately, there is a way to address this problem.
The KB3114409 update, which was released on Patch Tuesday, was designed to prevent Outlook 2010 from starting in Safe Mode. However, it appears to have caused the opposite effect, forcing all users to use Safe Mode for Outlook and not retaining display preferences. This issue has affected many users and is still very fresh, meaning there may be other issues associated with this release.
While the core objective of the above fix was to limit Outlook 2010 opening in Safe Mode, a feature released in KB3114305, it appears as though the patch has caused unintended consequences. If you have installed the KB3114409 update, you may have found that Outlook 2010 only starts in Safe Mode, and display preferences are not being retained.
The good news is that there is a workaround. To fix the issue, you will need to uninstall or prevent the hotfix from being installed. This will return the functionality in those cases where the fix has caused issues.
For sites using Outlook 2010 with SCCM ADRs to deploy patches, it is advisable to disable this update. However, sites using Lotus Notes are not affected, as this update is specific to Outlook (and not Office) 2010.
Conclusion
If you are experiencing issues with Outlook 2010 only starting in Safe Mode, the KB3114409 update may be the culprit. Fortunately, there is a workaround to fix this problem. By uninstalling or preventing the hotfix from being installed, you can restore the functionality of Outlook 2010. Remember, if you are using SCCM ADRs to deploy patches, disable this update to avoid issues. With these simple steps, you can fix the issue and get back to using Outlook 2010 without any problems.
If you want more information about this update, visit the Microsoft site links below
https://support.microsoft.com/en-us/kb/3114409
While the core objective of the above fix was (to provide a means) to limit Outlook 2010 opening in Safe Mode, a feature released in KB3114305: https://support.microsoft.com/en-us/kb/3114305
