Skip to main content

Regular Microsoft Patch Updates Are Critical To Keeping Hackers Out

By June 29, 2016May 25th, 2021Blog, Cybersecurity

RegularXMicrosoftXPatchXUpdatesXAreXCriticalXToXKeepingXHackersXOutNow, you have another very good reason to upgrade to Windows 10. If you refuse to do that, then at the very least, you have a very good reason to move away from versions of Windows that are no longer receiving critical security updates (Windows XP, Windows Server 2003, etc.). A devastating security flaw has been found that researchers are calling “Bad Tunnel.” Using it, hackers could hijack all network traffic on any Windows PC.

The only saving grace is that there is some social engineering required. Users have to be tricked into accessing files via links or shortcuts in various application. Relying on this to save you, however, is thin protection indeed.

Bad Tunnel exists because of the way Microsoft implemented NetBIOS protocols on every version of Windows they’ve made. In terms of practical application, a hacker could use the exploit, redirect network traffic on that PC to a malware laden location, which would allow a takeover of the PC in question. The attacker does not have to reside on the same network, and firewalls and NAT devices will not prevent it.

Windows 10 has already been patched, via MS16-077, so this is not an issue for Windows 10 users, but everyone else is impacted, and of course, if you’re one of the millions of users still running Windows XP, the issue is simply not going to be fixed. No patches are coming, and it’s not something you can remedy on your own. At this point, the only option you have is to simply live with the heightened risk, or upgrade your OS.

Everyone knew that this day was coming. That sooner or later a critical security flaw would be uncovered that would put people who were slow to move away from unsupported OSs at dramatically increased risk. That day has now arrived. If the clock was ticking before, it just got a whole lot louder, and the alarm is going off.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.