Featured News
Posts List
Health
Latest Microsoft Patch -How Important is it?
The Microsoft Security Response Center just released the following
Microsoft Mitigates Outlook Elevation of Privilege Vulnerability
Microsoft has developed a script to see if you are already infected by hackers: https://microsoft.github.io/CSS-Exchange/Security/CVE-2023-23397/
The script can run on Exchange server or on Azure based mailboxes(AzureEnvironmentName, AzureADEndpoint, EWSOnlineURL, and EWSOnlineScope can be left as default).
This is a good thing.
I discuss installing patches as soon as possible due to the leadup of how long it takes to create a patch in the past as well as in my book “Too Late You’re Hacked”
The latest image that I created is called “From Bug found to Patched Safe”
You see the day the Outlook vulnerability was found was months ago while it was released on 3/14 (on Patch Tuesday)
Here is a NIST(National Institute Standards &Technology) bulletin placing this vulnerability at a 9.8 criticality on a scale of 0(lowest)-10(highest).
So this vulnerability (Outlook Elevation of Privilege) was found by researchers or Microsoft at an undisclosed time – as at this point I can’t find it on the usual areas (CVE, Mitre, NIST, and general Internet search). So I must recommend that you should patch(or update) your systems as quick as possible to ensure you will not be taken advantage of an attack coming into your environment.
(Answering the headline question — How important is this patch)
Because if you get hacked the hacker now might get admin privileges, which can be used for more mayhem.
Purchase my book “Too Late You’re Hacked” to get a better understanding of why this is needed (to upgrade) as soon as practical.
Contact me to discuss.
Economy
WAGO Controllers Vulnerable to Remote Command Execution
Several types of WAGO Controllers (I/O) have RCE vulnerabilities according to OneKey got the info from CERT (Computer Emergency Response Team)
Here is the list from CERT:
| Article No° | Product Name | Affected Version(s) |
|---|---|---|
| 751-9301 | Compact Controller CC100 | FW20 <= FW22 |
| 751-9301 | Compact Controller CC100 | = FW23 |
| 752-8303/8000-002 | Edge Controller | = FW22 |
| 750-81xx/xxx-xxx | PFC100 | FW20 <= FW22 |
| 750-81xx/xxx-xxx | PFC100 | = FW23 |
| 750-82xx/xxx-xxx | PFC200 | FW20 <= FW22 |
| 750-82xx/xxx-xxx | PFC200 | = FW23 |
| 762-5xxx | Touch Panel 600 Advanced Line | = FW22 |
| 762-6xxx | Touch Panel 600 Marine Line | = FW22 |
| 762-4xxx | Touch Panel 600 Standard Line | = FW22 |
4th of May the issue is “Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) (CWE-78)“
Thus all devices that have an Operating System by this company (WAGO) are vulnerable to Remote Code Execution.
What is a PLC or Programmable Logic Controller? The PLC controls IO points (Input/Output) different types of electrical input or output. I.e. digital, or analog . And of course the PLC is connected to the network.
Here is a tutorial on PLC’s https://www.amci.com/industrial-automation-resources/plc-automation-tutorials/what-plc/
The whole idea of a PLC is to give some immediate function to certain IO points. These things make sense in a factory where stuff is being made or packaged or otherwise created/serviced. One may want a fail safe electrical impulse thus the PLC is a special device that allows this to happen.
Thus PLC’s are used in industrial applications in factories.
So now we know that the PLC is susceptible to a computer attack what could happen to it? A Remote command execution means that one only needs to know the ip address of the device to attack and compromise it. In some factories changing settings could destroy merchandise or create safety hazards. Thus it behooves you to keep up on potential problems like these.
Update and patch your devices!!
In the above image I tried to convey how long things take (from the first moment when vulnerability is found until the moment it is patched.
Contact us and buy my book “Too Late You’re Hacked”
To patch or upgrade systems to keep high vulnerabilities out of your systems is very important.
If you want to learn more about the patch/upgrade cycle then buy my book. I go into it with more detail
