{"id":32295,"date":"2017-10-17T20:21:03","date_gmt":"2017-10-17T20:21:03","guid":{"rendered":"http:\/\/greenpages.com\/?p=7267"},"modified":"2017-10-17T20:21:03","modified_gmt":"2017-10-17T20:21:03","slug":"krack-adobe-flash-vulnerabilities-how-to-protect-now-prevent-later","status":"publish","type":"post","link":"https:\/\/icloud.pe\/blog\/krack-adobe-flash-vulnerabilities-how-to-protect-now-prevent-later\/","title":{"rendered":"KRACK &amp; Adobe Flash Vulnerabilities: How to Protect Now &amp; Prevent Later"},"content":{"rendered":"<p class=\"p1\"><span class=\"s1\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-7094 alignright\" src=\"https:\/\/greenpages.com\/wp-content\/uploads\/iStock_000020042572XSmall-e1494875403378.jpg\" alt=\"Security Vulnerabiility\" width=\"300\" height=\"225\" \/>As you may know, there were <\/span><span class=\"s2\">multiple<\/span><span class=\"s3\"> major security vulnerabilities announced yesterday.\u00a0One <\/span><span class=\"s2\">specifically<\/span><span class=\"s3\"> related to the WPA2 WiFi Security Protocol dubbed \u201cKRACK\u201d and another related to Adobe Flash.\u00a0What happened and how can you protect your environment from the KRACK &amp; Adobe Flash vulnerabilities? Below is what we shared with our current Managed Services customers, but even if you work with another provider or handle all of your IT system monitoring and management yourself, this may be helpful toward further understanding your risks and how to protect your environment.<\/span><\/p>\n<p class=\"p2\"><span style=\"text-decoration: underline;\"><span class=\"s4\"><b>WPA2 \u201cKRACK\u201d Vulnerability<\/b><\/span><\/span><\/p>\n<p class=\"p2\"><span class=\"s1\"><br \/>\nWhat is it?: A critical vulnerability in the WiFi Protected Access II (WPA2) protocol which could allow someone within range of your wireless network to gain unauthorized access to traffic over that connection.\u00a0<\/span><\/p>\n<p class=\"p2\"><span class=\"s1\">This vulnerability applies to any device that utilizes the WPA2 protocol to establish secure connections, including Wireless Access Points, Endpoints (laptops, desktops), and Mobile Devices.<\/span><\/p>\n<p class=\"p2\"><span class=\"s1\">Microsoft has already released a patch and it is included in the October Security Rollup.\u00a0For customers currently enrolled in our desktop patching program, this roll-up has been approved for immediate install.\u00a0For customers enrolled in our Server patching program, we will apply the October Security Rollup per the normal patching schedule as servers typically will not have WiFi enabled.\u00a0<\/span><\/p>\n<p class=\"p2\"><span class=\"s1\"><b>Further \u2013 some recommendations for your end users:<\/b><\/span><\/p>\n<ul class=\"ul1\">\n<li class=\"li2\"><span class=\"s1\">Avoid public WiFi (such as coffee shops, hotels, etc.)<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">When connected to WiFi, try to limit browsing to HTTPS sites<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">Consider using a VPN which will encrypt traffic end-to-end<\/span><\/li>\n<\/ul>\n<p class=\"p2\"><span class=\"s1\">While patching your endpoints will substantially mitigate the vulnerability, GreenPages will be watching for upcoming available patches and updates for the network devices in your environment in the coming days and weeks and will work with you to apply those expeditiously.<\/span><\/p>\n<p class=\"p2\"><span class=\"s1\">More specific details on this <a href=\"https:\/\/www.kb.cert.org\/vuls\/id\/228519\/\"  rel=\"noopener\">WiFi vulnerability<\/a> can be found <a href=\"https:\/\/www.kb.cert.org\/vuls\/id\/228519\/\"  rel=\"noopener\">here.<\/a><\/span><\/p>\n<p class=\"p2\"><span class=\"s4\"><b>Adobe Flash Vulnerability:<\/b><\/span><\/p>\n<p class=\"p2\"><span class=\"s1\">Adobe released a security update for a vulnerability that was\u00a0recently\u00a0discovered that could lead to remote code execution.\u00a0<\/span><\/p>\n<ul class=\"ul1\">\n<li class=\"li2\"><span class=\"s1\">If you are currently enrolled in a 3<\/span><span class=\"s5\"><sup>rd<\/sup><\/span><span class=\"s1\">\u00a0party patching program that includes Adobe Flash, we have already approved this patch for deployment to your environment.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">If you are not enrolled, due to the risk potential for this vulnerability, it\u00a0is highly recommended that you apply this patch to all devices in your environment.\u00a0<\/span><\/li>\n<\/ul>\n<p class=\"p2\"><span class=\"s1\">The <a href=\"https:\/\/helpx.adobe.com\/security\/products\/flash-player\/apsb17-32.html\"  rel=\"noopener\">Adobe Flash Security Bulletin<\/a> can be found <a href=\"https:\/\/helpx.adobe.com\/security\/products\/flash-player\/apsb17-32.html\"  rel=\"noopener\">here.<\/a>\u00a0\u00a0<\/span><\/p>\n<p class=\"p2\"><span class=\"s1\">We\u2019ll be writing a follow-up post next week about the KRACK &amp; Adobe Flash vulnerabilities once the dust has settled to see how the industry has reacted and responded to these vulnerabilities so please check back then.<\/span><\/p>\n<p><span class=\"s1\">To learn more about GreenPages\u00a0Server, Desktop, 3rd\u00a0Party Patching, and <a href=\"https:\/\/greenpages.com\/managed-it-services\/\"  rel=\"noopener\">Managed Services<\/a> Programs, please call 800-989-2989 and we can set up a call to discuss.<\/span><\/p>\n<p class=\"p2\"><span class=\"s1\">By:<\/span><\/p>\n<p class=\"p2\"><span class=\"s1\">Jay Keating, VP Cloud &amp; Managed Services<br \/>\nAaron Boissonnault, Director, Hybrid Cloud Operations<br \/>\nSteve Stein, Director, Client Services<\/span><\/p>\n<div class=\"feedflare\">\n<a href=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?a=iHx8Fw-wlhk:4-6AVwkLYQk:yIl2AUoC8zA\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?d=yIl2AUoC8zA\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?a=iHx8Fw-wlhk:4-6AVwkLYQk:-BTjWOF_DHI\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?i=iHx8Fw-wlhk:4-6AVwkLYQk:-BTjWOF_DHI\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?a=iHx8Fw-wlhk:4-6AVwkLYQk:V_sGLiPBpWU\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?i=iHx8Fw-wlhk:4-6AVwkLYQk:V_sGLiPBpWU\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?a=iHx8Fw-wlhk:4-6AVwkLYQk:qj6IDK7rITs\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?d=qj6IDK7rITs\" border=\"0\"><\/img><\/a>\n<\/div>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~r\/JourneyToTheCloud\/~4\/iHx8Fw-wlhk\" height=\"1\" width=\"1\" alt=\"\"\/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As you may know, there were multiple major security vulnerabilities announced yesterday.&nbsp;One specifically related to the WPA2 WiFi Security Protocol dubbed &ldquo;KRACK&rdquo; and another related to Adobe Flash.&nbsp;What happened and how can you protect your environment from the KRACK &amp; Adobe Flash vulnerabilities? Below is what we shared with our current Managed Services customers, but&#8230;  <a href=\"http:\/\/greenpages.com\/featured\/krack-adobe-flash-vulnerabilities\/\" title=\"ReadKRACK &amp; Adobe Flash Vulnerabilities: How to Protect Now &amp; Prevent Later\">Read more &raquo;<\/a><\/p>\n","protected":false},"author":61,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[179,1546,3327,5354,1899],"tags":[118],"class_list":["post-32295","post","type-post","status-publish","format-standard","hentry","category-featured","category-it-security","category-networking-security","category-patching","category-wireless","tag-security"],"_links":{"self":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/32295","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/users\/61"}],"replies":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/comments?post=32295"}],"version-history":[{"count":1,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/32295\/revisions"}],"predecessor-version":[{"id":32296,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/32295\/revisions\/32296"}],"wp:attachment":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/media?parent=32295"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/categories?post=32295"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/tags?post=32295"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}