720-891-1663
Return to the list of client alerts
The feds are really working hard to get more information out to users and to warn them when there are serious problems.
Today it is U.S. Cyber Command, AKA CyberCom. Cyber Command is part of the Defense Department and the same guy who runs it also runs the NSA, General Paul Nakasone.
So when CyberCom says there is a problem, we probably ought to listen. IT PROBABLY MEANS THAT THEY HAVE INTELLIGENCE THAT IT IS ALREADY BEING USED TO TRY AND ATTACK US.
Today CyberCom is saying that you need to patch the Windows “Bad Neighbor” bug.
NOW!
The problem is that the bug can be triggered remotely and affects both Windows clients and Windows servers.
It was patched yesterday along with 80+ of its friends.
Microsoft has released a proof of concept exploit to it’s friends and they say that the example is both SIMPLE and RELIABLE. These are not qualities that you would like to use when you are talking about malware that can attack your servers and workstations. Sophos has also released sample code.
Right now, today, the bug can be used to remotely and without credentials, crash your servers and your workstations (blue screen of death) or just make them unavailable to users (denial of service). That is today. Give the hackers a few days and they will figure out how to do more damage.
This is the first time that I can remember that CyberCom is saying install a patch. This year we have seen the NSA and DHS/CISA tell us to install patches. Now CyberCom is added to the list of agencies looking out for us.
Historically, the government has been accused (I say correctly) of focusing on how they can use bugs against others and less worried about our own companies getting clobbered. The feds seem to be working hard to change that. See more information at Bleeping Computer