07 Jun 2019

Why has Windows XP received a new patch in 2019?

2014 was Microsoft’s official timestamp for when Windows XP would stop receiving support. That was until 2017 when a patch was released to defend itself against the WannaCry ransomware situation. 2 years down the line and again it seems Microsoft have released another new patch…. But why?

 

Microsoft recently released patches for both Windows XP and Windows Server 2003. The reason behind this is said to be to prevent a ‘wormable vulnerability’ that has the potential to cause as much chaos as WannaCry did back in 2017 if unchecked.

 

On the 14th May 2019, Microsoft stated:
Today Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. The Remote Desktop Protocol (RDP) itself is not vulnerable. This vulnerability is pre-authentication and requires no user interaction. In other words, the vulnerability is ‘wormable’, meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.

Now that I have your attention, it is important that affected systems are patched as quickly as possible to prevent such a scenario from happening. In response, we are taking the unusual step of providing a security update for all customers to protect Windows platforms, including some out-of-support versions of Windows.

Full Microsoft statement HERE

 

If you need some advice and guidance to do with IT security, or an independent security audit please feel free to contact us directly! CLICK HERE

24 May 2018

Top 5 considerations to think about before migrating to Office 365

For small and medium sized businesses, Office 365 is a game changer with its wide range of applications and well established, versatile options to suit any business’s needs. As friendly as Office 365 may be for users, there are a few factors that should be considered before making the jump to reduce the risk of time, effort and money being wasted. To help with your decision, we’ve put together our top 5 considerations to think about before migrating to Office 365.

 

Identity

With mailboxes moving to the cloud, access to these mailboxes for on premise users needs to be considered. There are various ways to do this with separate passwords, password synch and ADFS. ADFS is recommended for a fully featured single sign on experience. With this comes the need for ADFS infrastructure.

 

Email clients

It is best practice for Email clients such as Outlook to have the latest updates installed, to maintain Office 365 hybrid functionality.

 

Shared calendars:

In a hybrid environment, shared calendars across premises (O365 <-> On Prem Exchange) can only have read permissions and not write permissions. Therefore it is best practice to migrate teams who share calendars at the same time.

 

Backups:

Although Office 365 is designed in a high availability manner, data is not backed up; meaning deleted user data is not recoverable. It’s worth considering looking into 3rd party backup solutions or using Office 365 litigation hold to retain all data.

 

Active Directory UPN:

Ensure the AD UPN matches the primary O365 SMTP address to ensure a seamless logon when it comes to Single Sign On. If they don’t match it’s worth considering changing the UPN name.

 

If you’d like to know more about how Venture 1 could help your business, or would like to ask us any questions on any topic you feel we could help with, give us a call or send us an email today and we’d be more than happy to have a chat!

Services@venture1consulting.com

+44 (0)20 8405 6434