SE Alert: WinShock Zero-Day Vulnerability

On Tuesday, November 11, 2014, Microsoft announced a recently discovered vulnerability in all versions of the Windows operating system at the same time they released an update to fix this. The IBM researcher who discovered it reports that “The bug can be used by an attacker for drive-by attacks to reliably run code remotely and take over the user’s machine.” A “drive-by” attack occurs when you are browsing a web site, malicious code is downloaded onto your computer without your knowledge. There have been no reported exploits in the wild however, but that is expected to change.

What should you do to protect your systems?

  • Verify that you have Windows Update turned on to automatically apply updates.
  • Make sure the Microsoft update KB2992611 has been applied to all systems.
  • To check your Windows system, go to Control Panel > System and Security > Windows Updates > View Update History
  • For specific instructions for your operating system see Microsoft Bulletin MS14-064.

All SE Secure, SE Monitoring and SE Desktop Patching clients will have the update applied by us over today and tomorrow.  You should expect to see an out-of-band patch notification today.  Note that SE Monitoring clients will still need to address the updating of their desktop systems.

If you have specific questions or concerns please contact us at 207.772.3199 or