There’s been a lot of news or our industry on the cybersecurity and software vulnerabilities front lately. I wrote about the issues with the OEM wireless presentation products
discovered by security firm Tenable, which found vulnerabilities first in a Crestron product, which subsequently led researchers to
seven other products on the market under different brands with the same problem.
I also got a tip recently (Thanks,
Stefan!) about a patch Microsoft released for a
vulnerability in Remote Code Execution (CVE-2019-0708) that affects some older version of Windows. This vulnerability is “wormable,” which means that it could be used to infect machines without any user action, and it can be done so remotely (similar to a ransomware called
WannaCry, or WannaCrypt) that wreaked havoc on systems, primarily in Europe, in 2017 by encrypting files until a ransom was paid).
Microsoft has found this new vulnerability, now nicknamed
BlueKeep, before anything malicious could happen, such as in 2017, when a similar vulnerability allowed a ransomware called
WannaCry, or WannaCrypt wreaked havoc on systems, primarily in Europe, in 2017 by encrypting files until a ransom was paid. If you’re running any servers with Windows 7, Windows Server 2008 R2 or Windows Server 2008, you need to install this patch immediately (apparently it’s particularly important for Windows 7 and Server 2008). See Microsoft’s
incident report with details on how to patch here. Read McAfee’s blog on
why you need to patch here.
This issue has so much pre-InfoComm show news. If you’re going to InfoComm, don’t forget to
register with our code RAVE to get in free. Were also helping InfoComm do a 5K on Friday before the show opens to benefit the AVIXA foundation,
which you can register for here. Gary and Chuck Espinoza are also getting into some dunk tanks to help raise more money. You can
donate to take some shots at them here. (Yes, really.)
Enjoy the issue.