Cookie Laws within the EU Allow Cookies
Competitive personal insurance for your family home, car and holidays

Call us on
020 8309 1717
   
 
CLIENT CYBER ADVISORY UPDATE
Published on the 24th January 2020

Cyber Security Threat!!!!

The US National Security Agency has announced the discovery of a serious security vulnerability within Windows 10 and Windows Server 2016/2019 that exploits a component known as CryptoAPI. Microsoft has released a patch to fix it and all users of these operating systems are advised to implement this patch immediately.

 

Developers use digital signatures to prove that their software is legitimate and has not been tampered with. However, this security vulnerability could allow an attacker to spoof legitimate software, undermining how Windows verifies trust and allowing the running of malicious software, like ransomware, in the background. According to Microsoft, the user would have no way of knowing a file was malicious, because the digital signature would appear to be from a trusted provider.

 

The vulnerability affects Windows 10 and Windows Server 2016/2019 as well as applications that rely on Windows for trust functionality, such as HTTPS connections, signed files and emails, and signed executable code launched as user-mode processes.

 

Businesses running affected systems should install all patches from January 2020 as soon as possible, prioritizing endpoints that provide essential services.

 

Links to critical patches are contained within the Security Guidance Advisory from Microsoft

 

Thanks for your time and attention,




 
Recent Posts
  GUIDANCE NOTE - LIABILITY
EXCLUDING OR RESTRICTING BUSINESS LIABILITY FOR CONTRACTUAL...

27th July 2020
Read more >>
  Pension allowances impacting high earners
Please see attached a fact sheet we have put together...

30th April 2020
Read more >>
  Coronavirus: What do policies cover?
The situation continues to evolve, but what cover is...

6th March 2020
Read more >>
  Businesses losing out to fraud
The cost of business losses from fraud and scams reached...

29th January 2020
Read more >>
Archived Posts >>
Search posts
 
   
Services for UK based residents and businesses only.

Authorised and regulated by the Financial Conduct Authority.