Cyber Security Update


All AES hosted customer servers are secure and protected against the recent Ransom-ware attack on companies around the world and the UK NHS.

It is important that all organisations check that their own onsite windows PCS and servers are protected. Please find out how  below.

Recently we heard of a worldwide Ransomware attack related to windows software of the UK NHS and other large companies around the world that have highlighted the persistent risk of the threat posed by cyber-attacks – see http://www.bbc.co.uk/news/health-39899646

The recent ransomware attack has been on a worldwide scale, mainly related to Windows desktop and laptop and Server systems.

Your IT team may wish to take measures internally, as indicated below, to protect against the recent malware threats (if they have not done so)

If you use Windows based computers and servers in your business we suggest:

  1. You should consider stopping using Windows XP on your machines, (if you use it), as computers using XP have no Microsoft protection against this malware.
  2. If not done yet, please have
    • all Windows based computers plus
    • windows servers plus,
    • parallel or bootcamp on Mac.

updated to apply the following security update, released by Microsoft on March 14th this year at:

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx?f=255&MSPPError=-2147217396

Message from Microsoft re the vulnerability in Windows:
Microsoft have announced a vulnerability in Microsoft Server Message Block 1.0 (SMBv1) server today. This service (SMB) is utilised to present shares, printers and more on a Microsoft Domain network.

This vulnerability exposes core Active directory components to Remote Code Execution from unauthenticated attackers. They would be able to execute any code they wished to potentially gain access to the entire network. The patches Microsoft have provided should be tested installed as a matter of urgency.

Specific Security reports of the Common Vulnerabilities and Exposures (CVEs) are below –

Windows SMB Remote Code Execution Vulnerability : CVE-2017-0143
Windows SMB Remote Code Execution Vulnerability : CVE-2017-0144
Windows SMB Remote Code Execution Vulnerability : CVE-2017-0145
Windows SMB Remote Code Execution Vulnerability : CVE-2017-0146
Windows SMB Remote Code Execution Vulnerability : CVE-2017-0148
The released patches target the SMBv1 service and the way it handles the particular requests that can be used to exploit it.

Leave a comment

Your email address will not be published. Required fields are marked *