It’s been another busy week in the world of IT Security. There have been several published reports of exploits in the popular Flash and Java applications. The Firefox browser has already taken the step to block the Flash add-in unless it has been updated. Microsoft also just published a critical security bulletin that addresses a remote code execution vulnerability in the Operating System.
As a result of this vulnerability, we are seeing a dramatic increase in CryptoWall attacks which seem to be exploiting the Flash vulnerability. No current antivirus engine is capable of proactively preventing installation. We are looking into additional measures that can be taken to minimize the potential exposure to this virus.
Our clients will receive the latest software patches during their weekly maintenance window via our software management system. We’ve also shortened the daytime failover to one missed patch window for all locations.
As much as we can patch software and push antivirus updates, staff training plays a vital role in maintaining the computer and network security. In addition to keeping patches up to date, all work related data should be stored in a location that is backed up regularly. Passwords should be strong (long, complex and difficult to guess). Staff should exercise caution when browsing the Internet. When reading your email with embedded links always a good idea to type the address in address bar instead of clicking the link.
We do not anticipate the changing threat landscape to get any better. Security remains a top priority for us at Community IT.