Information Security

 

Current Alerts

Critical updates issued for current and unsupported versions of Microsoft Windows

Microsoft have released critical security updates for all currently supported versions of Windows, as well as for the otherwise unsupported XP, Vista and Server 2003. This is in response to a series of vulnerabilities exploited by the NSA and subsequently released by the hacking group Shadow Brokers. Given the issues posed recently by the outbreak of the NSA derived ransomware WannaCrypt/WannaCry, we strongly recommend patching all systems immediately. Further details are available on the Microsoft website, including instructions for manually patching XP, Vista and Server 2003:... Continue reading

Posted in

Guidance for WannaCrypt ransomware worm attacks [updated]

The WannaCrypt ransomware worm targets computers which do not have the latest security updates installed.  We remind users to install MS17-010 as soon as possible, if they have not already done so. Microsoft released additional security updates for for older platforms including Windows XP, Windows 8, and Windows Server 2003. This attack type may evolve over time, so any additional defense-in-depth strategies will provide additional protections. For example, to further protect against SMBv1 attacks, network operators should consider blocking legacy protocols on their networks... Continue reading

Posted in

Ransomware attacks against NHS trusts.

We are aware of reports of a wide-scale ransomware attack targeting users computers in the NHS. The NHS have published a statement and it is likely that this threat will spill over into other sectors, including education. Early indications are showing that this may be a variant of the malware is exploiting MS17-010 which is a vulnerability in Microsoft Server Message Block 1.0 SMBv1 dating from March 2017. Further information on this particular issue is available here https://technet.microsoft.com/en-us/library/security/ms17-010.aspx Recommended best practice... Continue reading

Posted in

Security Update for Microsoft Malware Protection Engine

We’ve become aware that Microsoft has released an urgent update. This addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. We encourage users to review the Microsoft Security Advisory: https://technet.microsoft.com/en-us/library/security/4022344 Typically, no action is required of enterprise administrators or end users to install updates for the Microsoft Malware Protection Engine, because the built-in mechanism for the automatic detection and deployment of updates will apply the update within... Continue reading

Posted in

Critical zero-day vulnerability in Microsoft Office

A recently discovered critical zero-day attack is being abused to distribute malware. The attack exploits a currently unpatched vulnerability in Microsoft Office to download and execute malicious code on victims' computers. OxCERT would like to warn against opening Office attachments from unknown sources. It is believed, that using Protected View (https://support.office.com/en-us/article/What-is-Protected-View-d6f09ac7-e6b9-4495-8e43-2bbcdbcb6653) is a good measure of protecting against the attack.   https://securingtomorrow.mcafee.com/mcafee-labs/critical-office-zero-day-... Continue reading

Posted in
Subscribe to Current alerts listing