Security vulnerabilities are increasing and just not so long before, we had to deal with so many of them. Remember WannaCry? In this post, we will discuss some important case in points with respect to security vulnerabilities and how important are security patches and updates.
The WannaCry scare
The biggest ransomware attack in history was caused by WannaCry. It took down more than 300,000 computers across 150 countries. This attack was launched by using the EternalBlue exploit, which exploited the vulnerability in SMB V1 (Server Message Block) protocol of Windows.
NotPetya attack
WannaCry was soon followed by another massive ransomware attack called NotPetya. Even this used the exact same vulnerability to spread itself with an addition of the Mimi Katz routine.
Who were the victims?
The security patches for all these vulnerabilities were available before they got exploited by attackers. For obvious reasons, victims were those users who didn’t apply the security patches.
So, how important are security patches and updates and what do you mean by a vulnerability and exploit?
In addition, there are zero-day exploits. These are used to target an unpatched software vulnerability on the same day the vulnerability is discovered (this type of vulnerability is called zero-day vulnerability). In short, in this attack, there are ‘zero days’ between the discovery of the vulnerability and the first attack.
How Google’s Project Zero works with vulnerabilities
Google’s Project Zero team which works on vulnerabilities, usually gives 90 days to software vendors for releasing patches for discovered vulnerabilities. If a vulnerability is critical, then the time given is 7 days. If a software vendor fails to release a security patch even after 90 days, Project Zero automatically makes the information about the vulnerability public. They also provide a sample attack code publicly, so that users can take the necessary steps to avoid any potential attacks.
So, what are security updates and its types?
Almost every software that we use needs to be updated. Some updates fix security patches, some fix bugs, and some add new features which were not available in the previous version of the software.
Updates are usually classified into either Hot Fixes or Service Packs.
Security updates are classified into three types depending on their severity. They are as follows.
Why should you patch your computer?
As explained earlier, systems updated with the latest security patches stay less vulnerable to attackers.
Following are some simple steps that can help keep your information and system protected
You may visit the link given below to manually download security updates and patches from Microsoft:
https://portal.msrc.microsoft.com/en-us/security-guidance
Subject Matter Expert
Mangesh Bhasme | Quick Heal Security Labs
No Comments, Be The First!