Freely subscribe to our NEWSLETTER

TK Keanini, CTO, Lancope

"System administrators should already have a process to review and patch each Patch Tuesday. Those who have these good habits remain secure; those who have bad habits need reminders or ultimately get compromised before they get around to updating.

This bug effects the listening side of the connection traditionally the server, but it is difficult these days to make this differentiation with software installing on traditional desktop OS’s as servers. Online games are particularly notorious in installing listening ports for incoming connections so it is best that everyone just apply the patch regardless of the client or server designation

Attackers will just add this to their playbook as they explore your network for access vectors. You have two tasks: 1 is to patch and narrow the aperture of your target surface and but more importantly 2, have the telemetry in place so that if someone is performing this recognizance on your network, you can identify them and shut them down prior to exploitations or exfiltration. Put it this way: if banks had no security cameras or incident response, crooks could show up with tools & torches and take their time as they made their way into the safe."

Amichai Schulman, CTO, Imperva

"The advisory from Microsoft does not state that hosts running web servers are more vulnerable than others to this. It seems that while the same patch includes enhancement to the TLS ciphersuite list, this enhancement has nothing to do with the vulnerability being patched. If this vulnerability is indeed exploitable via SSL / TLS it is more sever in nature than Heartbleed because this is a remote code execution vulnerability – it allows the attacker to completely take over the server (while Heartbleed attempted, opportunistically to collect sensitive information)."