Here at FrameFlow, as we continually strive to offer a robust and versatile server and IT systems monitoring solution for a variety of enterprise customers, we’ve noticed that there are several common issues, some of which are interrelated, detected by our software across the board. Here’s a rundown on the top five:
As modern civilization continues to advance, fuelled in many ways by innovations in digital technology, all types of businesses and government organizations are becoming increasingly dependent on the IT infrastructure powered by Windows Servers.
New Internet Security Flaw Discovered
The list of flaws in trusted security algorithms has grown again with the recent announcement of the “FREAK” (Factoring Attack on RSA-EXPORT Keys) vulnerability, also known as CVE-2015-0204.
First reports confirmed that many OpenSSL implementations contained the flaw, and today Microsoft issued Security Advisory 3046015 confirming that all versions of Windows are vulnerable.
Where Did The FREAK Vulnerability (CVE-2015-0204) Come From?
The details of the vulnerability are alarming and largely due to flawed federal policies on encryption dating back to the 1990s. Around that time, products like PGP (Pretty Good Privacy) were starting to see wider distribution, and U.S. officials responded by passing laws to control the export of any product that included high-grade encryption. It was a futile effort and the battle was eventually won by crusaders such as Phil Zimmermann.
Some would even say there is a darker side to government efforts on the control and distribution of encryption technology:
The internet has been around for more than half a century, going back to the 1960s when the US Department of Defense first awarded contracts for packet network systems. With each passing decade, we saw a greater proliferation of the net into more areas of our lives, transforming our world into a global, knowledge-based civilization; however, one of the big problems with today’s internet technology is the abundance of security bugs, lingering from out-of-date nodes in the net.
The vulnerability allows a user with restricted permissions to escalate to domain administrator privileges, and Microsoft reports that attacks have been seen in the wild. Microsoft has officially stated that "the only way a domain compromise can be remediated with a high level of certainty is a complete rebuild of the domain," so it's critical that all Windows admins apply this patch immediately.
Microsoft recommends first patching domain controllers running Windows Server 2008 R2 or earlier. Next, patch your Windows Server 2012 and later domain controllers. Finally, patch all of your regular systems to ensure complete safety.
Use the following step-by-step instructions showing how to configure FrameFlow Server Monitor to make sure your systems have been patched:
Anyone running web sites on IIS with SSL support should have already rolled out patches for CVE-2014-3566, the vulnerability in SSL v3 which has been labeled POODLE.
What is the POODLE Bug?
"Google researchers have found a severe flaw in an obsolete but still used encryption software, which could be exploited to steal sensitive data… The POODLE attack can force a connection to “fallback” to SSL 3.0, where it is then possible to steal cookies." (Computerworld)
FrameFlow Server Monitor Can Verify POODLE Patch Installation
Did you know that you can use FrameFlow Server Monitor to verify that the patch has been installed on all your systems?