It’s Patch Tuesday again for all Windows sysadmins and this month’s delivery includes more fixes than usual.
Microsoft’s security bulletin lists 14 individual fixes including a fix for the recently discovered “FREAK” vulnerability. Of the fourteen fixes, 5 of them are rated Critical and the rest are Important.
Also included are fixes for issues […]
“FREAK” Vulnerability (CVE2015-0204): Pretty Much All Systems are Exposed
The list of flaws in trusted security algorithms has grown again with the recent announcement of the “FREAK” (Factoring Attack on RSA-EXPORT Keys) vulnerability also known as CVE-2015-0204.
First reports confirmed that many OpenSSL implementations contained the flaw and today Microsoft issued Security Advisory 3046015 confirming that all versions of Windows are vulnerable.
Where Did The Freak Vulnerability (CVE2015-0204) Come From?
The details of the vulnerability are alarming and largely due to flawed federal policies on encryption dating back to the 1990s. Around that time products like PGP (Pretty Good Privacy) were starting to see wider distribution and the U.S. officials responded by passing laws to control the export of any product that included high grade encryption. It was a futile effort and the battle was eventually won by crusaders such as Phil Zimmerman.
Some would even say there is a darker side to government efforts on the control and distribution of encryption technology:
Techniques for Fast and Efficient Server Monitoring
FrameFlow is highly customizable and offers a wide variety of monitoring options. We’ve designed it that way on purpose to give you the flexibility to build out your monitoring configuration in a way that best suits your work environment, practices and policies.
There’s one area where first time users often have questions and that’s when it comes to authentication. FrameFlow is an agentless monitoring system, which means we don’t install anything on the systems being monitored. Instead we use standard protocols to reach out to the monitored machines and collect the data we need. To do that we need to authenticate to the machines being monitored. This is a good thing because it means that FrameFlow plays by the rules when it comes to your network security polices rather than wildly opening ports to reveal monitoring data like some agent-based systems do.
January 2015 – 1 Critical and 7 Important Fixes
The first Patch Tuesday for 2015 has been released and Windows sysadmins will be busy updating as usual.
This release includes 8 fixes with 1 listed as Critical and 7 more listed as Important. It’s always vital to make sure your systems are fully patched but Windows admins may feel some comfort knowing that the only critical issue is one that affects the Windows Telnet Service.
The internet has been around for more than half a century, going back to the 1960s when the US Department of Defense first awarded contracts for packet network systems. With each passing decade, we saw a greater proliferation of the net into more areas of our lives, transforming our world into a global, knowledge-based civilization; however, one of the big problems with today’s internet technology is the abundance of security bugs, lingering from out-of-date nodes in the net.
Photo By Karin Jonsson (Flickr: Poodle) [CC-BY-2.0 via Wikimedia Commons
POODLE 2.0: Here We Go Again
It was just a bit more than an month ago when the POODLE vulnerability in SSLv3 was discovered and sent sysadmins around the world scrambling.
You might remember that the original POODLE vulernability affected SSLv3, an older protocol that has been largely replaced by the TLS protocol. Since SSLv3 was only available on many systems as a measure to support very old web browsers, it was no big deal to disable it and thereby remove the vulnerabilty.
But today news is spreading that some TLS implementations can be vulnerable too and that as many as 10% of all web sites maybe affected. This new vulnerability has been labeled CVE-2014-8730 and it’s much more serious that the original POODLE.
It’s time to scramble again.
The vulnerability allows a user with restricted permissions to escalate to domain administrator privileges and Microsoft reports that attacks have been seen in the wild. Microsoft has officially stated that "the only way a domain compromise can be remediated with a high level of certainty is a complete rebuild of the domain," so it's critical that all Windows admins apply this patch immediately.
Microsoft recommends first patching domain controllers running Windows Server 2008 R2 or earlier. Next, patch your Windows Server 2012 and later domain controllers. Finally, patch all of your regular systems to ensure complete safety.
Use the following step-by-step instructions showing how to configure FrameFlow Server Monitor to make sure your systems have been patched:
With each new Windows release the desktop edition gets a lot of press coverage but what about the server editions? Let’s take a look at the server edition that was released along with the Windows 10 Technical Preview.
What Will the New Windows Server Edition be Called?
First, let’s talk about the name. At this time it’s not clear whether the new version will be called “Windows 10 Server,” or “Windows Server 2015,” or possibly something else. Microsoft currently uses the generic “Windows Server Technical Preview” which doesn’t give anything away. While we now have a confirmed name for the desktop edition, those of us on the server side of things will have to wait a bit longer.
What is the POODLE Bug?
Google researchers have found a severe flaw in an obsolete but still used encryption software, which could be exploited to steal sensitive data… The POODLE attack can force a connection to “fallback” to SSL 3.0, where it is then possible to steal cookies. Computerworld
FrameFlow Server Monitor Can Verify POODLE Patch Installation
Did you know that you can use FrameFlow Server Monitor to verify that the patch has been installed on all your systems?
Update: Windows 9 is dead. Long live Windows 10! Microsoft fooled everyone by skipping to Windows 10. There’s a preview build available already and stay tuned for our initial observations. So far all we can say is that we’re happy to have the Start Menu back.
We are very happy to announce that FrameFlow v7.0.5 is now available for download!
This release includes a number […]
Databases like SQL Server, MySQL and Oracle are the workhorses of IT operations. They are the reliable back-end for applications, services, web sites and many other kinds of systems so […]
Your servers, switches and routers are the core of your operations so of course it’s important to ensure that everything is running smoothly and to get early warning about potential problems. With this set of five best practices you can optimize your server monitoring configuration for easy management, quick adaptation to changing conditions and […]
We’re very pleased to announce that version 7.0 for FrameFlow Server Monitor and FrameFlow Multi-Site Monitor has been released.
This new version includes many features that you guys have been asking for. Some highlights include:
Maintenance Windows: You can define scheduled or one-time maintenance windows […]
FrameFlow v7.0 Beta 2
We’re very happy to announce that the second beta release for FrameFlow Server Monitor and FrameFlow Multi-Site Monitor is now available for download. As with beta 1 this release is available for all licensed users or by invitation for evaluation users.
Updates Since Beta 1
We’ve made […]
Version 7.0 Status Update
As you probably saw, Beta 1 of FrameFlow v7.0 was released at the beginning of the month. Since then we’ve had a ton of feedback and we’ve been making further updates and fixes.
Beta 2 is almost ready for release and you’ll see a number of changes in it. First, we’ve made […]