On July 13, Microsoft released a large set of system updates and patches to all versions of Windows, including Windows 10 and Server. There are 117 patches in the Windows 10 bundle, many of which are considered "critical". And these patches apply to many Windows services (https://msrc.microsoft.com/update-guide/releaseNote/2021-Jul).
One of the nastiest vulnerabilities being patched is PrintNightmare, which exploits Windows Print Spooler and allows the execution of code by a remote party. Microsoft's patch is CVE-2021-34527 (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527), which is included in the July 13 patch bundle. Our team is also disabling the Print Spooler service on our client's servers and workstations that don't need it.
With the recently discovered vulnerabilities in Windows and the critical classification of many patches, LeeShanok's team is increasing the methods we use to apply patches to our client's workstations. You can expect your employees to see more prompting of system patching and required reboots. When prompted to reboot a workstation, please do so as soon as possible.
We have also implemented Ransomware Monitoring within our RMM (remote monitoring & management) system as an additional layer of detection and prevention. In the event of Ransomware activity on a client's workstation, this will isolate the device from communicating with the rest of the network, while still allowing our RMM solution to connect for troubleshooting and remediation.
As always, feel free to contact us to discuss your situation and how LeeShanok's affordable Managed IT Plans can help your computing and communication needs.
Your technology Partner,
The LeeShanok Team
Phoenix: 602-277-5757 | Tucson 520-888-9122 | firstname.lastname@example.org