> Protect yourself
Digital Integrated Systems encourages you to review the Microsoft Security Advisory for CVE-2019-0708 and apply the recommended measures as appropriate to your setup and type of network.
• Above all, you need to download and install the latest updates available.
• Upgrade End of Life (EOL) operating systems like Windows XP to newer, supported operating systems such as Windows 10.
• Disable unnecessary services not used by the operating system. This best practice limits your exposure to existing vulnerabilities.
• Enable Network Level Authentication in Windows 7, Windows Server 2008 and Windows Server 2008 R2. This forces the session request to be authenticated, which automatically mitigates BlueKeep, since the exploit needs its first packets to be sent over an unauthenticated connection.
• There is some advice going around the internet for enterprises to block port 3389, which is used to initiate RDP sessions, on their perimeter firewall. Unfortunately, this measure cannot protect you from unauthenticated sessions initiated internally (traffic from an infected machine on the local network never goes through the firewall), and if Microsoft knows what they are talking about, this vulnerability has worm capabilities! So it will spread from any infected computer to any other on the same network.
Also, this measure will block legitimate RDP sessions that you may need to maintain for daily operations, depending on the nature of your business.
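To see where a given machine stands against the list above, the following read-only PowerShell check reports whether RDP is enabled, whether Network Level Authentication is enforced, and whether the OS belongs to the affected family. It is an added example, not part of the original advisory or Microsoft's guidance; the helper name `Get-RegValue` is introduced here for illustration.

```powershell
# Added example: read-only audit of local RDP exposure. PowerShell 2.0 syntax,
# so it also runs on a stock Windows 7 / Server 2008 R2 host.
function Get-RegValue($Path, $Name) {   # illustrative helper; $null if absent
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name } else { $null }
}

$ts     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpTcp = "$ts\WinStations\RDP-Tcp"
$policy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

# A value set by Group Policy overrides the locally configured one.
function Get-Effective($LocalPath, $Name) {
    $fromPolicy = Get-RegValue $policy $Name
    if ($fromPolicy -ne $null) { $fromPolicy } else { Get-RegValue $LocalPath $Name }
}

# fDenyTSConnections: 0 = RDP connections allowed, 1 = denied.
$rdpEnabled = (Get-Effective $ts 'fDenyTSConnections') -eq 0
# UserAuthentication: 1 = Network Level Authentication required.
$nlaRequired = (Get-Effective $rdpTcp 'UserAuthentication') -eq 1

$os      = Get-WmiObject Win32_OperatingSystem
$service = Get-Service -Name TermService -ErrorAction SilentlyContinue

$findings = @()
# CVE-2019-0708 affects Windows releases older than 6.2 (Windows 8 / Server 2012).
if ([version]$os.Version -lt [version]'6.2') {
    $findings += 'OS is in the affected family: confirm the CVE-2019-0708 update is installed'
}
if ($rdpEnabled -and -not $nlaRequired) {
    $findings += 'RDP is enabled without NLA: unauthenticated session requests are accepted'
}

New-Object PSObject -Property @{
    OS          = $os.Caption
    Version     = $os.Version
    RdpEnabled  = $rdpEnabled
    NlaRequired = $nlaRequired
    Port        = $(Get-RegValue $rdpTcp 'PortNumber')
    TermService = $(if ($service) { $service.Status } else { 'not present' })
    Findings    = $findings
}
```

An empty `Findings` list only means these two settings look sound; it does not confirm that the security update itself is installed.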
If you have any further questions, do not hesitate to contact us by phone or via our social media, and follow our regular posts and advice on how to remain safe out there on the internet!
Protect Yourself, Never click under the influence!