Blog

Dresner Group Blog

Our technology blogs feature IT tips and best practices for businesses in Columbia, Baltimore, Bel Air and in and about Maryland since 2002.

Whoops! Microsoft Update Has Been Missing This Critical Security Vulnerability

Whoops! Microsoft Update Has Been Missing This Critical Security Vulnerability

For the most part, Microsoft takes security as seriously as it should, issuing updates and patches to maintain your Windows and Server operating systems. While you can count on receiving these updates for your supported operating systems, what you might not have known is that Microsoft accidentally overlooked a flaw in its own defenses.

The Flaw is in Vulnerable Drivers

Microsoft has a Windows Update tool that is supposed to detect and add vulnerable software drivers to a blocklist.

Drivers are the bits of software that help your computer interface with various hardware. Without the driver properly installed and updated, the hardware doesn’t behave the way it should. Of course, we’re talking about software here, so drivers can be just as vulnerable to threats as any other software can, and because of their functionality, they have access to systems on your PC that can cause problems.

Well, Microsoft’s Windows Update tool hasn’t been managing the block list, even though Microsoft has insisted on reinforcing it. You may have been receiving updates and patches as needed, but this is one particular piece of security that has not been updated.

This flaw gives threats the ability to push any known vulnerable driver to your PC, then use those vulnerabilities to their advantage. These types of flaws are not new or unheard of; they have been around for at least a decade, and the large increase in threats over the past several years can be attributed to this vulnerability. Attackers like to cast wide nets using easy-to-leverage vulnerabilities, and this one fits the profile just fine.

Microsoft has been working on a fix and says that something will be coming with the next Windows update.

Businesses usually want to prevent their users from installing and configuring new devices on their work PCs, and this is a sound strategy to prevent many threats from striking your business. It’s not a magical cure-all, but it will go a long way.

If you’re ready to protect your network from external threats, know that Dresner Group is ready and able to assist your business with implementing enterprise-grade security solutions. All you have to do to get started is call us today. You can reach us at (410) 531-6727.

×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

How to Protect Yourself from the Four Major Types ...
Network Segmentation is a Smart Move for Business ...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, 27 November 2022

Captcha Image

Client Service Login

Latest News & Events

This tournament is scheduled to be held Friday, June 10, 2022. The past six years have all been sold-out and this year is shaping up to be another one for the books you won't want to miss. 

Contact Us

Learn more about what Dresner Group can do for your business.

  • (410) 531-6727
  • 8600 Foundry Street, Suite 302, Savage, Maryland 20763

Copyright Dresner Group. All Rights Reserved.