On January 14th, 2020, Microsoft released a handful of critical patches to address security vulnerabilities. These include Windows CryptoAPI, Windows Remote Desktop Gateway (RD Gateway), and Windows Remote Desktop Client. Any machines running 32- or 64-bit Windows 10 operating systems, are impacted by the CryptoAPI Spoofing vulnerability and any Windows Server 2012 and newer are impacted by the Windows RD Gateway and Windows Remote Desktop Client vulnerabilities.
According to Microsoft, the Crypto Spoofing vulnerability allows a maliciously crafted certificate to appear like it was issued from a host name that did not authorize the certificate. This can be serious issue if the certificate impersonates a user’s bank website, which can cause their personal information to be exposed. The Windows RD Gateway and Windows Remote Desktop Client vulnerability allows remote code execution, where malicious code could be executed. Malicious threats can exploit these vulnerabilities to connect to any systems without authentication or user interaction.
If you haven’t done so already, we strongly urge you to implement these updates to your own devices and to your customers’ devices immediately. Now that these vulnerabilities have been publicly announced, cybercriminals can utilize these exploits to target unpatched systems.
Simplifying the patch management process
To help simplify the patch management process, we highly suggest leveraging a remote monitoring and management tool. For example, Barracuda RMM helps you quickly and successfully implement this update across all your customers. With an RMM solution, MSPs can:
- Acquire new updates to a centralized location for distribution
- Apply it to test locations
- Remove it if any problems arise, or if the update is successful, immediately implement or schedule the update at a different time based on the importance of the devices
- Communicate with customers on the update schedule to minimize the number of offline devices from receiving this update
- Set up alerts for any devices that failed to update for immediate remedy as required
- Report on the success or failure of update process
Patch management is an important defense against cyberthreats, and it goes well beyond Microsoft Windows Operating Systems. All software can have vulnerabilities and as an MSP, it is important to have the tools in place to deploy patches in a timely manner. Leaving these vulnerabilities unpatched can leave your customers open to risk.
For more information on the Microsoft patches, please review the CISA Alert.
Photo: Jakub Krechowicz / Shutterstock.