Blog

ATECH MSP Blog

ATECH MSP has been serving the Bakersfield area since 2009, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Whoops! Microsoft Update Has Been Missing This Critical Security Vulnerability

Whoops! Microsoft Update Has Been Missing This Critical Security Vulnerability

For the most part, Microsoft takes security as seriously as it should, issuing updates and patches to maintain your Windows and Server operating systems. While you can count on receiving these updates for your supported operating systems, what you might not have known is that Microsoft accidentally overlooked a flaw in its own defenses.

The Flaw is in Vulnerable Drivers

Microsoft has a Windows Update tool that is supposed to detect and add vulnerable software drivers to a blocklist.

Drivers are the bits of software that help your computer interface with various hardware. Without the driver properly installed and updated, the hardware doesn’t behave the way it should. Of course, we’re talking about software here, so drivers can be just as vulnerable to threats as any other software can, and because of their functionality, they have access to systems on your PC that can cause problems.

Well, Microsoft’s Windows Update tool hasn’t been managing the block list, even though Microsoft has insisted on reinforcing it. You may have been receiving updates and patches as needed, but this is one particular piece of security that has not been updated.

This flaw gives threats the ability to push any known vulnerable driver to your PC, then use those vulnerabilities to their advantage. These types of flaws are not new or unheard of; they have been around for at least a decade, and the large increase in threats over the past several years can be attributed to this vulnerability. Attackers like to cast wide nets using easy-to-leverage vulnerabilities, and this one fits the profile just fine.

Microsoft has been working on a fix and says that something will be coming with the next Windows update.

Businesses usually want to prevent their users from installing and configuring new devices on their work PCs, and this is a sound strategy to prevent many threats from striking your business. It’s not a magical cure-all, but it will go a long way.

If you’re ready to protect your network from external threats, know that Atech MSP is ready and able to assist your business with implementing enterprise-grade security solutions. All you have to do to get started is call us today. You can reach us at (888) 814-4843.

Contact Us For More Information

  • First Name *
  • Last Name *
  • Phone *
  • Comments:
        Clearing an Android Device’s Cache
        Network Segmentation is a Smart Move for Business ...
         

        Comments

        No comments made yet. Be the first to submit a comment
        Guest
        Already Registered? Login Here
        Sunday, 22 December 2024

        Captcha Image

        Customer Login


        Latest Blog

        Atech MSP is proud to announce the launch of our new website at www.atechmsp.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

        Contact Us

        Learn more about what Atech MSP can do for your business.

        Atech MSP
        3434 Truxtun Ave Suite 250
        Bakersfield, California 93301