by Dr. Grigorios Fragkos, VP CyberSecurity
It is strongly suggested that you verify that the web browsers you are using have been updated to the latest version and, if you have Adobe Flash Player installed on your system, make sure you have downloaded the latest version from the official URL: https://get.adobe.com/flashplayer/.
To check whether your browser is running the latest version of Adobe Flash Player, you can visit the following URL: https://www.adobe.com/uk/software/flash/about/
Microsoft released a number of updates for Patch Tuesday (14th July 2015) which, according to the published security bulletin summary, address remote code execution flaws in both the Windows OS and Internet Explorer.
One of the patches addresses last week’s security issue CVE-2015-2425, which was uncovered due to the recent Hacking Team breach and the leak of a number of zero day (0day) exploits. This Tuesday’s updates, which also mark the end of support for Windows Server 2003, include nine bulletins directly related to servers.
It is very important for CISOs, and CyberSecurity decision makers in general, to plan for the day after support ends for this product as it is expected that attackers will launch targeted attacks against Windows Server 2003.
For those who are not in a position to transition to a new server by the end-of-support date, Microsoft will continue to support the OS during the first year for US $600/year. Because no single solution fits all scenarios, you may need to consider alternatives which might help in this case.
- One option is to upgrade to Windows Server 2008 but keep in mind that the support will end in five years.
- Another option is to upgrade to Windows Server 2012 R2 which allows IT to take advantage of IPv6, virtualisation software with Hyper-V and other added features.
If you cannot migrate to a newer server at this moment, it is highly advisable to review the server’s hardening settings and segregate the server onto its own network. Of course, make sure that the traffic to and from the server is filtered and monitored by using a firewall and IPS. For some companies, this might provide an opportunity for a swift move to the Cloud.
Depending on the available budget of each company, a transition to a Cloud-based server might be an ideal solution to cut down the cost of maintenance, gain performance, and become hardware independent.
Furthermore, Oracle addressed Java zero day (0day) vulnerabilities with its quarterly Critical Patch Update (CPU). The security fixes Oracle released address an astonishing 193 vulnerabilities across all of its products. One of the patches addresses the CVE-2015-2629 issue, which received a CVSS Base Score of 9.0 for the Windows platform and 7.5 for Linux-based platforms.
The CPU also addresses the actively exploited Java 0day vulnerability (CVE-2015-2590) that goes by the name Operation Pawn Storm, which primarily targets military targets, embassies and defence contractor personnel from the US and its allies.
It is strongly suggested that you apply this security update as soon as possible, even if your industry is not among the primary targets of this exploitation campaign.