Exploited Microsoft Vulnerability Is an Important Reminder About Preparing for Zero-Day Attacks

A recent Microsoft zero-day vulnerability is offering a critical reminder to businesses about the importance of cybersecurity awareness and prevention, as well as the need for ongoing proactive monitoring for cyber threats.

Last week, Microsoft identified a vulnerability within its Microsoft Support Diagnostic Tool (MSDT), discovered in part after several local governments were targeted with phishing attacks.* On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the remote code execution vulnerability, which exists when MSDT is called using the URL protocol from a calling application such as Microsoft Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.

FOR OMEGA CUSTOMERS:

Omega provided temporary mitigation from Microsoft to all its Smart Support (managed IT services) customers within hours of its release; additional coverage for the exploit was provided by Sentinel One EDR.

As of the date of this article publishing, Microsoft has not released a patch for CVE-2022-30190, however Omega Systems has created an automated script for Smart Support customers to provide the necessary mitigations to systems until a full patch is provided by Microsoft.

This latest zero-day attack is an important reminder of the continually evolving threat landscape in which hackers will attempt to exploit potential weaknesses at the endpoint, network, server and/or application levels.

What is a Zero-Day Attack or Exploit?

A zero-day exploit is a type of cybersecurity attack that targets a software or system vulnerability before it is known to the vendor or developer. Essentially, hackers are able to take advantage of a security flaw that allows them access to a vulnerable system before any such weakness has been identified by the owner.

Because the hacker has already infiltrated the system or application, developers have ‘zero days’ to mitigate the effects and need to work as fast as possible to develop and issue a patch to resolve the issue.

How Can You Detect Zero-Day Vulnerabilities?

In many cases, businesses and software developers fail to detect zero-day vulnerabilities until it’s too late – leaving them to scramble to mitigate potential fallout. But there are many proactive security measures that businesses (and their managed services providers) can take to protect against potential zero-day attacks, including:

  • Keeping software up-to-date and following regular patching and maintenance cadences
  • Employing next-generation antivirus and anti-malware technologies
  • Implementing endpoint detection & response tools to stop unwanted traffic at various levels (firewall, network, application, etc.)
  • Monitoring for suspicious/malicious activity via a security information and event management (SIEM) tool
How We Can Help

Omega Systems’ managed IT services platform (Smart Support) includes support and remediation for ongoing viruses, malware and other suspicious activity on your network, as well as networking monitoring, endpoint security and third-party patch management to close security holes and guard against malicious attacks.

For businesses interested in a deeper level of cybersecurity protection, our Smart Secure managed cybersecurity solution includes advanced SIEM capabilities and threat detection monitoring to give you additional peace of mind while mitigating risk in today’s constantly evolving threat landscape.

Contact Us
By |2022-06-09T08:50:31-04:00June 8th, 2022|Cybersecurity|Comments Off on Exploited Microsoft Vulnerability Is an Important Reminder About Preparing for Zero-Day Attacks