15 November 2014

Trend Micro urges Windows users to update Windows to protect against the Winshock bug

A flaw recently discovered in Microsoft Windows has Trend Micro emphasising that Windows users should update their systems immediately. The problem lies in Microsoft’s delivery platform, which is meant to transfer data securely. Trend Micro says that users who ignore the problem are in a “wormable” situation that could enable attackers to commandeer their system without user interaction.

Christened “Winshock,” the bug received a score of 9.3 out of 10 by the Common Vulnerability Scoring System. Higher scores mean that the bug can cause more harm. Based on this classification, and the propensity for attacks following potential exploit announcements, Trend Micro’s Deep Security solution already provides protection against this vulnerability. Microsoft has also released a patch, or a solution against this problem, through Windows updates.

Said JD Sherry, VP, technology and solutions, Trend Micro: “When news like this breaks, cyber criminals go into hyperdrive developing attacks to take advantage of the flaw. As such, it’s important to quickly respond to avoid system disruption and compromise. We are urging our customers to make addressing this bug a top priority and we have provided resources accordingly to complement the latest Microsoft patches.”

Trend Micro experts recommend the following action:

§ Install Microsoft patches immediately
§ Use a browser other than Internet Explorer to reduce risks. Alternative browsers include Google's Chrome, Mozilla's Firefox, and Apple's Safari.
§ Employ newer versions of Windows platforms, supported by Microsoft

More  information can be found in the associated blog post here.