Information Security

 

Current Alerts

Guidance for WannaCrypt ransomware worm attacks [updated]

The WannaCrypt ransomware worm targets computers which do not have the latest security updates installed.  We remind users to install MS17-010 as soon as possible, if they have not already done so. Microsoft released additional security updates for for older platforms including Windows XP, Windows 8, and Windows Server 2003. This attack type may evolve over time, so any additional defense-in-depth strategies will provide additional protections. For example, to further protect against SMBv1 attacks, network operators should consider blocking legacy protocols on their networks... Continue reading

Posted in

Ransomware attacks against NHS trusts.

We are aware of reports of a wide-scale ransomware attack targeting users computers in the NHS. The NHS have published a statement and it is likely that this threat will spill over into other sectors, including education. Early indications are showing that this may be a variant of the malware is exploiting MS17-010 which is a vulnerability in Microsoft Server Message Block 1.0 SMBv1 dating from March 2017. Further information on this particular issue is available here https://technet.microsoft.com/en-us/library/security/ms17-010.aspx Recommended best practice... Continue reading

Posted in

Security Update for Microsoft Malware Protection Engine

We’ve become aware that Microsoft has released an urgent update. This addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. We encourage users to review the Microsoft Security Advisory: https://technet.microsoft.com/en-us/library/security/4022344 Typically, no action is required of enterprise administrators or end users to install updates for the Microsoft Malware Protection Engine, because the built-in mechanism for the automatic detection and deployment of updates will apply the update within... Continue reading

Posted in

Critical zero-day vulnerability in Microsoft Office

A recently discovered critical zero-day attack is being abused to distribute malware. The attack exploits a currently unpatched vulnerability in Microsoft Office to download and execute malicious code on victims' computers. OxCERT would like to warn against opening Office attachments from unknown sources. It is believed, that using Protected View (https://support.office.com/en-us/article/What-is-Protected-View-d6f09ac7-e6b9-4495-8e43-2bbcdbcb6653) is a good measure of protecting against the attack.   https://securingtomorrow.mcafee.com/mcafee-labs/critical-office-zero-day-... Continue reading

Posted in

End of life for Windows Vista

Windows Vista will exit the Microsoft extended support phase at the end of April 11th, and will no longer receive any support: https://support.microsoft.com/en-gb/help/13853/windows-lifecycle-fact-sheet Systems which are still running Vista should be upgraded before this date, or mitigating controls put in place to guard against future vulnerabilities which will not be patched. Mainstream Vista support ended on 12th April 2012. [DMT]

Posted in
Subscribe to Current alerts listing