Home Security
PC Matic
PC Matic VPN
More Products
Support Unlimited
Identity Theft Protection
PC Magnum
Threat Awareness
How PC Matic Protects You
SuperShield Whitelist
Compare PC Matic
Norton
McAfee
Avast
AVG
Business Protection
PC Matic Pro
PC Matic MSP
Solutions
Allowlisting
Script Enforcement
Device Control
Patch Management
Remote Tools
Integrations
Server Security
Learn More
Resellers
Affiliates
Resources
Case Studies
Compare PC Matic Pro
ThreatLocker
Airlock Digital
VMware Carbon Black
AppLocker
For Federal
Partner Programs
Managed Service Providers
Channel Partners
Affiliate Partners
OEM Partners
Resource Center
All Resources
Case Studies
Data Sheets
User Guides
White Papers
Blog Resources
PC Matic Blog
Business Security
Home Security
Cyber News
Scam Alerts
Customer Service
Home Support
Business Support
Learn More
Getting Started
Knowledgebase
Tech Support Scams
Fake Virus Scams
Tools & More
Ransomware Center
Internet Speed Test
PC Matic
About
Careers
Learn More
Industry Recognition
Leadership
Commercials
Stay Up-to-Date
Newsroom
Blog
Events
TechTalk Podcast
Home Customers
My Account
PC Matic App
Add a Device
Renew Subscription
Business Customers
Business Login
Business Support
Search
Malware

Leaving Windows Systems Outdated Is Convenient Until It’s Not…

We’ve all heard about it, and perhaps even experienced it — the resistance and potential issues with keeping our operating systems updated. Whether it’s a home user or businesses, each may have their own reasons for not updating their operating systems. And no one can force them. However, with Windows 7 losing support in early 2020, those users will be left with unpatched systems. To some, it may not be a big deal. Running a dated version of Windows isn’t perceived as a threat, until it is…

Ransomware Targets Unpatched Windows Machines

Regardless of the version of the operating system installed on the PC or server, users must ensure it is up to date. Why? Because if it isn’t, there are unpatched security holes that are leaving a door wide open for cyber criminals.

Am I being dramatic? No.

Recently, a security gap was found in Intel’s Processor Diagnostic Tool. The impacted versions include version 4.1.2.24 and below. For those who have installed this tool, it is imperative they complete an update immediately. Intel has identified this security hole’s severity as high due to the risk of improper access control. To access the patch, click here.

In addition to the Intel vulnerability, a new ransomware variant, called Sodin (also known as Sodinokibi or REvil), is exploiting another Windows vulnerability to gain access to unpatched Windows servers and PCs. Once hackers gain access using this security hole, they begin the installation of a malicious file, radm.exe. By using this security hole, hackers no longer need to rely on users to click on a link or attachment to download the malware. They’ve successfully eliminated the middle-man.

So how can one prevent falling victim?

There are two ways.

First, and likely the most obvious approach would be to ensure the operating systems are updated on all devices.

Second, would be the deployment of application whitelisting. Whitelisting only permits known trusted programs to run. Therefore, regardless of the type of malware the hacker attempts to install on the device, it will not install as it is not a good file.

Best practice would be both, as one should not replace the other.

Stop Responding to Threats.
Prevent Them.

Get Protected

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles