Oct 14, 2014

Alert: Sandworm Vulnerability Affects All Microsoft Operating Systems

On Tuesday, October 14, 2014, iSIGHT Partners and Microsoft announced a Zero-Day vulnerability named “Sandworm” found in all versions of Microsoft Windows and Windows Server 2008 and 2012.

The vulnerability has been exploited in a small number of cyberespionage attacks against NATO, energy companies, a US academic organization and many others. Microsoft has since created a patch and released it as one of their security updates (CVE-2014-4114.).

The status for Codero customers:

Managed Services: Your servers have been or are currently being patched against this vulnerability. Continue to be vigilant when receiving attachments from unknown email addresses.

Self managed:  If you have enabled automatic updating, the Microsoft security update will be downloaded and installed automatically. If you have not, it is critical that you run the security update from Microsoft, as well as all other important security updates through the Windows Updater immediately.

If you would like to learn more about the Sandworm vulnerability, in-depth information can be found on iSIGHT Partners blog and Microsoft’s Security TechCenter.

Again, if you are not a Codero Managed Services customer and do not have automatic updating enabled, we strongly recommend you patch your Windows servers as soon as possible. Should you require assistance, please contact our support technicians. We are always available 24x7x365 to help.



Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedIn