Latest Security News: New Updates Regarding Microsoft and Other Application Updates in October

Microsoft’s Patch Tuesday for October delivered 10 critical updates to Windows 8 and 7 systems, with five rated ‘critical’, four rated ‘important’, and an update with a ‘moderate’ or lower security rating. The way those updates were delivered were different, too, in the sense that Microsoft followed the cumulative update model used in Windows 10 for all the currently supported Windows platforms and their respective versions. Before this latest update, Microsoft used to have a granular approach with individual patches and updates. Now, security is bundled with system component (.NET) and browser components as aggregate patches.

The October updates included multiple ‘Patch Now’ updates for Edge, Internet Explorer, Adobe Flash Player, and a minimum component of Microsoft Office, all of which will require you to restart your system after completion. MS16-118 is one of the critical updates aimed at Internet Explorer to resolve 11 vulnerabilities in its security related to scripting engine issues and memory corruption, both of which could make the browser vulnerable to remote code execution. At least one issue related to memory has already been exploited in the past months and was reported to Microsoft, resulting in this ‘Patch Now’ update.

MS16-119 is another critical update that will resolve 17 memory, scripting, and name space handling problems in Microsoft Edge. It comes with a fix that is aimed as a remedy for a recently detected exploit. MS16-127 addressed 12 security ‘priority one’ vulnerabilities in Adobe Flash Player. If left unpatched, hackers could remotely execute a code. The update is not directly linked with the Edge and IE updates. Instead, it affects only the platforms running on Windows 8.

Apart from Microsoft, Oracle rolled out a critical patch update, which consisted of patches addressing multiple security vulnerabilities. Oracle keeps receiving reports of various attempts to exploit vulnerabilities maliciously, so applying the update is crucial to keep your system safe. October 2016’s critical patch update covers 253 new security fixes for various products, including Oracle Database Server, Application Express, Enterprise Manager, and PeopleSoft Enterprise. 

About the Author:

           

Mike Rana is the Chief Technology Advisor of Orion Network Solutions. Orion Network Solutions specializes in providing Computer Installation, Maintenance, and Consulting services along with 24x7 help desk services for small and midsize companies. We provide network solutions that enable small businesses to not only lower their management cost but also increases employee productivity at the same low price. We offer network solution that becomes an integral part of your organization and can provide an increase in productivity of your organization.

IoT Devices

The billions of interconnected devices, buildings, vehicles, and other objects that are embedded with software, electronics, actuators, network connectivity, and sensors make up the Internet of Things (IoT). The best thing about IoT is that it allows data transfer over the network without human to computer or human-to-human interactions. In IoT, ‘things’ can refer to anything from a farm animal that has a biochip transponder, a car with built-in sensors that can alert you on certain issues (i.e. low fuel or low tire pressure), or someone with a heart monitor implanted in them. IoT devices have an IP address and the ability to deliver data over networks.

The Internet of Things came to be when the internet combined with microservices, micro-electromechanical systems, and wireless technologies. With that convergence, walls between information technology and operational technology were eliminated to enable machine-generated unstructured data to be determined for insights. However, since the IoT devices involve transferring data over a network, they are still prone to security risks. For instance, high-end cars that have built-in Wi-Fi are still prone to security issues that are common to conventional Wi-Fi hotspots. You should be worried about these vulnerabilities because hackers could attack your devices to access critical information about your business or organization. Hence, it is important to find and implement reliable security measures that can help prevent and remediate the security vulnerabilities that could pose a threat to IoT devices.

Traditional manufacturers rely on proprietary embedded systems, which are difficult to hack because of restrictions and closed source code. Many IoT devices run on Microsoft Windows because it is ubiquitous, commonly used by programmers, and reasonably priced. The operating system is used in various devices including mobile medical devices (i.e. pacemakers). However, unlike Windows for desktop, Windows for IoT devices currently lack a patching method, and since many of them are connected to the internet using wireless technologies like Wi-Fi, the easier it is for viruses to spread amongst them.

To avoid security vulnerabilities in IoT devices, it is essential to keep their software updated at all times. If your business relies on wearables and mobile smart devices, consider coming up with policies on how they should be used by your employees. An IT consultant should be able to help you come up with the right strategies to make your IoT devices safer. 

About the Author:

           

Mike Rana is the Chief Technology Advisor of Orion Network Solutions. Orion Network Solutions specializes in providing Computer Installation, Maintenance, and Consulting services along with 24x7 help desk services for small and midsize companies. We provide network solutions that enable small businesses to not only lower their management cost but also increases employee productivity at the same low price. We offer network solution that becomes an integral part of your organization and can provide an increase in productivity of your organization.