Please login to post or view tickets

RSS Feed
CNS: SECURITY ADVISORY - All Windows OS : Multiple Vulnerabilities
Posted by Barry Bahrami on 16 April 2017 12:44 PM
[CNS Logon]

Multiple vulnerabilities affecting Microsoft Windows were published on Friday.  If your OS is not up to date, you are at risk.

Exploit Details:

On Friday, a group calling themselves “Shadow Brokers” published hacking tools on the internet that they claim were stolen from the NSA. The software contains tools to easily compromise unpatched Windows machines and so we are sending you this alert in order to make sure you are secure.

If you are running Windows 2008 or Windows 2012 then please make sure your VM is up to date with Windows Updates as of the March update cycle. This is extremely important.

If your Windows OS is not up to date as of last month then you are at high risk of compromise or denial of service – please install windows updates immediately.

If you are still running Windows 2003 and have IIS running then upgrade your operating system (OS) immediately. Your OS is insecure and we do not believe Microsoft intends to publish a security update. CNS techs will help you get your OS upgrade – please do not hesitate to ask. If you are running Windows 2003 without IIS then your OS is still believed to be secure at this time, but we strongly recommend an upgrade is completed as soon as possible. It is likely to become insecure at some point in the future.

The code to execute these exploits is now in the wild and it is only a matter of time before attacks begin, if they have not already.

If you are unable to install updates and reboot your 2008 or 2012 OS, open a powershell window and enter the following command to disable SMB v1: (No way to patch 2003)

Windows 2008:  Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 –Force
Windows 2012:  Set-SmbServerConfiguration -EnableSMB1Protocol $false

What CNS is doing to protect you:

CNS is currently blocking the TCP ports required to trigger these attacks at the network edge. However, it is unlikely that we will be able to maintain this block into the work week because it will impact subscribers who use these same ports for legitimate means. Please use this window of opportunity to update your Windows server as soon as possible.

We are also sending you this alert so that you can make sure you are protected before attacks begin.  Please do not hesitate to contact CNS Support for assistance.  We can not install this update for you automatically becuase a reboot is required.  However, please feel free to request we install updates via support ticket and don't forget to acknowledge a reboot is ok.

Keeping your VM up to date is the best way to keep it safe from exploits.

More information:

Ars Technica


Getting Help

Thank you for choosing Commercial Network Services. Please let us know if you have any questions or concerns. We are always here to help you. We maintain a ticketing system in order to effectively address and track your support issues. Please login to your Client Area and click "Help Desk" near the top, then click "Submit a Ticket" to send a new support request to our technicians.

You can also reach our helpdesk by telephone.  Call any number.

San Diego, CA: +1 (619) 225-7882 Los Angeles, CA: +1 (213) 769-1787 / New York, NY: +1 (646) 930-7435 / London, UK: +44 (2037) 460080

Comments (0)
Post a new comment
Full Name:
© 2016 Commercial Network Services. All rights reserved.
No content may be reproduced or redistributed without express written permission on CNS letterhead.
Only Commercial Network Services subscribers are authorized to use our content during their subscription period.
Permission to use our content may be revoked at any time, and at the sole discretion of Commercial Network Services.
Some content on this site is © by their respective owners.