There’s been a lot of news or our industry on the cybersecurity and software vulnerabilities front lately. Below I write about the issues with the OEM wireless presentation products discovered by security firm Tenable
, which found vulnerabilities first in a Crestron product, which subsequently led researchers to seven other products on the market under different brands with the same problem
I also got a tip last week (Thanks, Stefan
!) about a patch Microsoft released for a vulnerability in Remote Code Execution (CVE-2019-0708)
that affects some older version of Windows. This vulnerability is “wormable,” which means that it could be used to infect machines without any user action, and it can be done so remotely (similar to a ransomware called WannaCry, or WannaCrypt)
that wreaked havoc on systems, primarily in Europe, in 2017 by encrypting files until a ransom was paid).
Microsoft has found this new vulnerability, now nicknamed BlueKeep
, before anything malicious could happen, such as in 2017, when a similar vulnerability allowed a ransomware called WannaCry, or WannaCrypt
wreaked havoc on systems, primarily in Europe, in 2017 by encrypting files until a ransom was paid. If you’re running any servers with Windows 7, Windows Server 2008 R2 or Windows Server 2008, you need to install this patch immediately (apparently it’s particularly important for Windows 7 and Server 2008). See Microsoft’s incident report with details on how to patch here
. Read McAfee’s blog on why you need to patch here
This issue has so much pre-InfoComm show news. If you’re going to InfoComm, don’t forget to register with our code RAVE
to get in free. Were also helping InfoComm do a 5K on Friday before the show opens to benefit the AVIXA foundation, which you can register for here
. Gary and Chuck Espinoza are also getting into some dunk tanks to help raise more money. You can donate to take some shots at them here
. (Yes, really.)
Enjoy the issue.