On Friday, Microsoft confirmed that an unpatched vulnerability exists in Windows 7, but is keeping the issue low key, saying most users may be protected from attack by blocking two ports at the firewall.
The vulnerability was initially reported by researcher Laurent Gaffie last Wednesday, when he disclosed details of the bug and posted proof-of-concept attack code on his blog. According to Gaffie, exploiting the flaw completely grinds Windows 7 and Server 2008 R2 to a halt, and the only way to recover is to manually power off the impacted computer. Anyone else tried this yet to confirm?
When this was first publicised, Microsoft only indicated that it was looking into the issue. It has now been confirmed: in a recent security advisory, Microsoft acknowledged that a bug in Server Message Block (SMB), a network file and print sharing protocol, could be used by attackers to cripple Windows 7 and Windows Server 2008 R2 machines.
Microsoft said it will patch the issue, but has not provided a timeframe or any commitment to an out-of-cycle update.
The next scheduled patch Tuesday is December 8th 2009.
For now, Microsoft has suggested that users block TCP ports 139 and 445 at the firewall. Doing so may itself cause problems for critical services, including network file sharing and Group Policy.
In Microsoft’s defence, although this is not good news, it is worth noting that far fewer issues are being discovered than in the early days of XP.
Let’s hope that the Windows 7 product remains as secure as Microsoft have advertised.
If, like me, you are hosting your own WordPress installation for your blog, you may have some concerns about keeping it up to date and as secure as possible.
Unfortunately the reality is that a number of serious security vulnerabilities have been found in WordPress recently, and as a result a number of people have had their websites hacked and defaced. I personally know of a number of people who have been directly impacted over the past few months.
As social online media becomes more and more popular, celebrities and high-profile company executives are often looking to host their own blogs or sites. Additionally, the functionality that WordPress and its plug-ins provide has become a very attractive and popular solution, especially as most web hosting companies offer WordPress as a standard part of their hosting service. Hence there are all sorts of WordPress-hosted websites which are considered easy pickings and potential targets for hackers intent on breaking in and defacing them, mainly because they are not managed or maintained with security in mind.
For anyone who is currently hosting their website on WordPress, or anyone from a corporate or high-profile background, when it comes to security you just need to ask yourself two simple questions:
1. Would you be embarrassed if your website was hacked and / or defaced?
2. If your site was hacked, would it impact your personal brand / reputation or your company’s brand / reputation?
Some people may not care, however the majority respond with a firm “YES”, so obviously security is a major consideration for most people out there.
It’s not that hard to protect a WordPress site. It comes back to the process of regularly reviewing and plugging any holes, to minimise the chance of a person of malicious intent finding vulnerabilities to exploit.
WordPress has released a number of updates over the last few months to fix the vulnerabilities found; however, like any platform or product with a large user base, its popularity means there are a lot of bad guys focused on finding more holes.
Check the WordPress web site for further details.
Below are a few key points and recommended plug-ins which I’d suggest you follow if you want to protect your WordPress installation:
1. Make sure your WordPress installation is up to date, and when a new fix is made available, update as soon as possible, obviously making sure you perform a full backup first. Vulnerabilities are often found that enable the bad guys to create and use exploits to gain access to your website. By ensuring your version of WordPress is up to date, you minimise your exposure to known vulnerabilities.
2. Ensure that any WordPress plug-ins are up to date as well, for the same reason as the point above.
3. I’d recommend that you give some thought to which WordPress plug-ins you use, in order to further minimise the potential exposure. Only use plug-ins that provide additional features if you really need them. For example, you might have a requirement to remotely administer your site from an iPhone using an additional plug-in. How secure is this functionality and its related plug-in? Would it be better to just use the more secure browser-based functionality?
4. For any functionality or plug-ins that accept user input, ensure you use plug-ins that provide full input validation, blacklisting, IP blocking and so on. Actively block iframes, which helps defeat the usual techniques applied in input fields to misuse them. Also ensure you use a spam filter (see the plug-ins below) so that you can review and authorise feedback / comments before they appear on your site… useful if you have friends or colleagues who are security professionals trying to fun-deface your website!
5. There are several security-related plug-ins which help to minimise the potential security exposure. I’d highly recommend the following plug-ins. Note to my colleagues and friends who often try to hack my site: this is not a “complete” list of the plug-ins I personally use, but some of the core ones that I know, use and recommend to others:
There are a few more things you can do to fully protect your WordPress install, including hardening the hosting operating system and database it sits on. I don’t want to bore you with these details, but for those who are serious about security, you are hopefully aware that there’s a bit more that can be done.
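One way to automate points 1 and 2 above, as an added example that is not from the original post: a small Python audit that reads the version string from wp-includes/version.php and the Version: header of each plug-in’s main file (the formats WordPress itself uses) and compares them against a map of latest-known versions. The sample file contents and the latest-version map are constructed for the example; in practice the map would be filled from the WordPress.org update information.

```python
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample of wp-includes/version.php; the real file defines $wp_version this way.
SAMPLE_VERSION_PHP = "<?php\n$wp_version = '2.8.5';\n$wp_db_version = 11548;\n"

# Constructed sample of a plug-in's main file header, in the format WordPress reads.
SAMPLE_PLUGIN_HEADER = "<?php\n/*\nPlugin Name: Example Comment Filter\nVersion: 1.4.2\n*/\n"

# Constructed 'latest known' map; fill it from the WordPress.org update information in practice.
LATEST = {"WordPress": "2.8.6", "Example Comment Filter": "1.4.2"}

def parse_wp_version(version_php: str) -> Optional[str]:
    """Extract $wp_version from the contents of wp-includes/version.php."""
    m = re.search(r"\$wp_version\s*=\s*['\"]([^'\"]+)['\"]", version_php)
    return m.group(1) if m else None

def parse_plugin_header(main_php: str) -> Dict[str, str]:
    """Read 'Plugin Name:' and 'Version:' from a plug-in main file's header comment."""
    fields = {}
    for key in ("Plugin Name", "Version"):
        m = re.search(r"^\s*\*?\s*%s:\s*(.+?)\s*$" % re.escape(key), main_php, re.M)
        if m:
            fields[key] = m.group(1)
    return fields

def version_tuple(v: str) -> Tuple[int, ...]:
    """Numeric comparison key, so 1.10 sorts after 1.9; suffixes like '-beta1' are ignored."""
    return tuple(int(p) for p in re.findall(r"\d+", v))

def outdated(installed: str, latest: str) -> bool:
    return version_tuple(installed) < version_tuple(latest)

def audit(version_php: str, plugin_headers: List[str], latest: Dict[str, str]) -> List[str]:
    """Return the names of components whose installed version is behind the latest map.
    Components missing from the map are treated as current rather than flagged."""
    behind = []
    core = parse_wp_version(version_php)
    if core and outdated(core, latest.get("WordPress", core)):
        behind.append("WordPress")
    for header in plugin_headers:
        h = parse_plugin_header(header)
        name, ver = h.get("Plugin Name"), h.get("Version")
        if name and ver and outdated(ver, latest.get(name, ver)):
            behind.append(name)
    return behind

if __name__ == "__main__":
    print("Out of date:", audit(SAMPLE_VERSION_PHP, [SAMPLE_PLUGIN_HEADER], LATEST))
```

Run it against the sample data and it reports WordPress core (2.8.5 behind 2.8.6) as out of date while the plug-in is current; point the parsers at the real files under your install to check a live site.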
Get in touch with me direct via my contact page if you need any further info or advice.