Microsoft Patched Holes
Despite the circumstances and the stressors we're all facing, it's no time to fall asleep on your cyber-watch duties. Criminals know many of us are overwhelmed and they're capitalizing on that psychology in a big way.
This past Tuesday Microsoft released an update that contained patches to over 113 vulnerabilities. Unfortunately, several of those attacks are publicly known and being actively exploited. In all, 19 of the vulnerabilities were marked as "critical" by Microsoft, their highest level of seriousness.
While most of us assume our systems are automatically getting patched, or "that's IT's responsibility", all too often we discover that's not the case. While it's great to have an IT team you can rely upon, that does not mean you are absolved of your self reliance.
Here are two tips you should do often:
- Every time you log in, check your system tray to ensure your anti-virus software is active, Malware is very sneaky and one of the common tricks is to disable your A/V program so they can go about their nasty tasks unobstructed.
- At least weekly, if not every few days, open up your anti-virus program and be sure it's up to date and running scans daily.
- Weekly check that your Windows updates are being applied. To do this, click the Start (lower left Window icon), Settings, Update and Security. You may get an alert telling you your IT or system administrator controls those updates. That's fine, but click the "Check for updates" button anyway and see what results. Ideally, your system will report it is up-to-date. If it does not, then download, run, and install the updates. If you're IT is handling this and you have unapplied updates, contact your IT to find out why. They may have good reason for patches to be unapplied, but they may also be unaware your system is unpatched.
These are basic steps that should be part of your daily computing routine, particularly now that so many of us are working from home and exposing our corporate networks to the legions of infections that reside on many home networks.
Be safe, Call us if you have any questions or think your system is infected.
Thanks for reading.
Jeff Mongelli
If you have any questions or if you are concerned about your organization's cybersecurity, give us a call at (800) 970-0402. We'll be happy to help.
For more HIPAA information, download our ebook - The Ultimate HIPAA Compliance Handbook.
The HIPAA Security Rule requires the implementation of a security awareness and training program for all members of its workforce (including management). Have your team sign up for weekly HIPAA Security Reminder to help stay compliant.