New Bug Threatens Every Windows User | Update Your Devices Now

January 14, 2020 marked the last day Microsoft would support devices running Windows 7, and right out of the gate users of the unprotected operating system are facing some major security risks. Found by the National Security Agency, a significant vulnerability was recently discovered to affect nearly every version of Windows introduced over the last 20 years; including Windows 10 and Windows Server 2019.

While Microsoft has since released a patch to remediate the security flaw on its newest platforms, this is the last patch Windows 7 users will receive. Therefore, it is of paramount importance that those who have not upgraded from Windows 7 or Windows Server 2008 consider doing so immediately.

Where Do the Vulnerabilities Lie?

First reported on by KrebsOnSecurity, the vulnerability stems from a flaw in Crypt32.dll; part of a Windows module known to handle the certificate validation of Windows-based applications, such as those developed by Adobe and many others. While there’s a lot of technical jargon behind this module’s use-case, know that it is a line of defense Microsoft designed to ensure downloadable programs are authentic and originated from a trusted developer. If, after scanning the program, the module approves its legitimacy, the software is free to run. On the other hand, if the program is deemed suspicious, Microsoft terminates the software; prioritizing the safety of the device and its owner.

Although, in concept, this is quite a feat to behold, NSA’s recent discovery shows that this authentication module can be tricked into believing a malicious third-party program is in fact safe. And while the NSA is known to withhold knowledge of vulnerabilities from the public in an effort to spy on foreign networks, leaders of the organization believe that this vulnerability threatens far too many innocent bystanders to be kept a secret.

What’s the Risk?

So, you may be curious to know what may happen if you leave your Windows device out of date and unprotected. Well, for users known to regularly download new applications, there’s a wide array of security implications. According to Microsoft, malicious software that is wrongfully authenticated has the potential to give hackers access to information stored within the Internet Explorer and Edge web browsers; along with other various third-party applications.

In turn, a successful infiltration of a user’s device means passwords, banking information, and important documents may be placed at risk. Furthermore, if the infected device happens to contain the information of a business’ key leader, this information can be used to creep deeper into a business’ network; potentially holding the organization ransom and halting normal business operations.

How to Update Your Devices

Because Crypt32.dll was introduced into Microsoft’s ecosystem over 20 years ago, it’s likely that every Microsoft OS from Windows 2000 to Windows 10 is at high risk. And while it’s unlikely that you’re using a piece of technology from nearly two decades ago, there is a chance that you’ve yet to update your modern computer or server running a newer version of Windows.

To check if your PC has installed Microsoft’s most recent patch, open the Start menu by clicking the Windows icon in the bottom-left corner of the screen. From here, select the settings icon, click the menu item labeled “Update & Security”, and select “Windows Update” from the sidebar. Once the window has loaded, click “Check for Updates”. If your computer is not up-to-date, Windows will then begin to download and install any needed patches. After these updates have completely downloaded, it’s likely that you’ll need to save your work and restart your computer for the patch to fully install.

For those with a Windows server running version 2016 or 2019, Rocket IT recommends backing up your data before initiating the patching process. After the backup step is completed, follow the same update procedure as listed above to secure your equipment.

A Final Word of Advice

While Rocket IT typically enables automatic updates across customer devices, manually patching your computer ensures it is protected as soon as an update is provided. But for those who plan to wait to update their Windows-based device for unbeknownst reasons, heed this caution. Microsoft has ranked this recent security flaw as a priority one threat: its second most severe rating. Noting this importance, the US Department of Homeland Security has issued a directive for high-ranking US military officials and senior managers of key internet infrastructures to update their Windows devices; ensuring their PCs now fully validate the certificates of software applications before their installation.

As always, for more information on how your organization can automate patching procedures on a company-wide scale, give Rocket IT a call at 770-441-2520.