In view of recent events that have highlighted the persistent risk of the threat posed by cyber-attacks (http://www.bbc.co.uk/news/health-39899646) we strongly advise our customers to apply the following security update, released by Microsoft on March 14th, 2017: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx?f=255&MSPPError=-2147217396, if not having done so already.
Microsoft have announced a vulnerability in Microsoft Server Message Block 1.0 (SMBv1) server. This service (SMB) is utilised to present shares, printers and more on a Microsoft Domain network.
This vulnerability exposes core Active directory components to Remote Code Execution from unauthenticated attackers. They would be able to execute any code they wished to potentially gain access to the entire network.
The patches Microsoft have provided should be tested installed as a matter of urgency.
Specific Security reports of the Common Vulnerabilities and Exposures (CVEs) are below:
Windows SMB Remote Code Execution Vulnerability : CVE-2017-0143
Windows SMB Remote Code Execution Vulnerability : CVE-2017-0144
Windows SMB Remote Code Execution Vulnerability : CVE-2017-0145
Windows SMB Remote Code Execution Vulnerability : CVE-2017-0146
Windows SMB Remote Code Execution Vulnerability : CVE-2017-0148
The released patches target the SMBv1 service and the way it handles the particular requests that can be used to exploit it.
Please be assured that NetShop ISP continues to take the necessary measures to ensure that our IT environment remains secure, in order that our customers, who depend on the resilience of our infrastructure for continuous service, remain secure also.
For any further assistance please do not hesitate to contact our 24/7 Support team via e-mail (support@netshop-isp.com.cy) or Skype (noc.netshop).
