Firewall

Dell’s Preinstalled Support Software has a Serious Vulnerability

A new vulnerability affecting Millions of Dell computers has been found.  This issue effects both home and business computers.  Dell’s built-in support tool of Dell SuppoortAssist (all versions) has a vulnerability that allows for rights escalation.  The issue is, a user who is are not administrators can exploit this vulnerability and gain administrative rights to the computers.  Once administrative rights are granted, the unauthorized user is now free to see everything on the computer and can also install malware on the system to spy on the user.

The reason users should not have administrative rights to their computers is to prevent unauthorized access or malicious software from being installed.  I have presented on this topic many times.  Even home users should not be using an account with administrative right on their computer.  The only time administrative rights are needed and should be used, is to install new software or perform other administrative tasks on that system.  Another benefit of having non-administrative accounts on a computer, even a home computer, is the ability quickly recover a computer should a user profile become infected or corrupt.

Dell licenses their desktop support tool from PC-Doctor.  SafeBreach Labs identified the vulnerability.  Dell was notified of the issue on April 29, 2019 and PC-Doctor provided an update on May 28th.  Dell is encouraging all their users to update to the new version of Dell SuppoortAssist.   For more on performing the update, go to Dells’ support site and look up   DSA-2019-084.  This has been given CVE Identifier: CVE-2019-12280.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Jack Gerbs in Cybersecurity, Information Security, Small Business

Technology Testimonial from Boonshoft CFO/COO Doug Hull

A year and a half ago we were approached by the Boonshoft Museum of Discovery to help them update their IT services for both employees and museum attendees. Changing from an internal employee to an outside service can be stressful decision, but these kinds of transitions are our specialty. We have been able to offer the museum more service and access than they were getting before resulting in higher productivity from their staff, and a more enjoyable experience for their visitors. Special thanks to Doug for speaking on his experience with Quanexus.

Posted by Jack Gerbs in Cybersecurity, Information Security, Small Business, Telephone Systems

Cyber-Threats Continue to Rise

Criminals are getting more and more sophisticated with their attacks methods.  The number one-way criminals are being successful is still through social engineering.   Social engineering is getting someone to do something they would not normally do.  Two new terms in the cybersecurity world are, corporate account takeover and business email compromise.

Many business owners believe that their staff understands how to recognize spear phishing attacks.  In reality, we are seeing successful spear phishing attacks against key employees.   In the last six months we have seen successful attacks against small financial institutions, food processing and distribution service companies, trade-show associations and more.  It is imperative that security needs to be taken seriously by everyone.

While there is no full proof way to prevent a successful attack there are several key things that must be done to minimize the risk of a successful attack.  Today’s best practice calls for a layered approach, at Quanexus we call this our Q-Stack.  The basics of a security stack include:

  • Policies/procedures
  • Firewall
  • Security awareness training for employees, and management
  • A managed antivirus solution
  • A patch management solution
  • A backup solution

Quanexus has just published a white paper with specific details on how the criminals have been successful and you must do to minimize the chance of your organization becoming a victim.  Include details on how to download the whitepaper.  This should require them to enter their email address.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Jack Gerbs in Recent Posts

Windows 7, Windows Server 2008R2 and Office 2010 are Reaching End of Extended Support

The time is quickly approaching when Windows 7, Windows Server 2008 and 2008R2 will no longer be supported. Technically these products are reaching the end of their extended support. Microsoft gradually ends support on their products. There is an official date for end of main stream support and another date for end of extended support. Extended support ends on January 13th, 2020 for Windows 7 and Server 2008. Extended support will end on October 13th, 2020 for Office 2010.

End of main stream support means that there will be no feature enhancements added to the product. Microsoft will continue to release patches that fix stability and vulnerability issues as they are found. End of extended support is defined as Microsoft will not issue stability or vulnerability updates.

Running software that is no longer supported represents a great risk to organizations and the end user. When criminals know that security patches will no longer be developed, they begin to work very hard at finding new vulnerabilities and will continue to do so. The new exploits that are discovered, near the end of support date, won’t likely be released immediately. The criminals will release them after the end of support date, because the vendor will no longer be supporting the product. These new exploits will be used to target Windows 7 systems, fully knowing that the systems are vulnerable.

Businesses, if you must run Windows 7 or Server 2008 after the end of extended support, there are a few things you can do to keep these older systems protected.  If you already have a good security stack installed, like our Q-Stack, the likelihood of a successful attack is reduced, but that is still not good enough. An additional firewall will need to be installed to separate the Windows 7 and Server 2008 devices. This firewall will require very tight rules that limit the device’s access to the internal network and the Internet. Depending on the type of firewall you have, it may be possible to create a virtual firewall on your existing device to create this additional layer of protection.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Jack Gerbs in Recent Posts