‘Patching’ is usually something you do when there is a hole in your trousers or top. It means exactly the same in the technology world, except that the thing being patched is an operating system or a computer program.
More often than not, applying updates on your personal computer is a trivial endeavour. But for businesses, it is vital to keep software up to date in order to mitigate attacks and reduce the attack surface.
The complexity and impact of keeping systems up to date vary across industries. For example, running Windows XP or Windows 7 in the X-ray department of a hospital without installing the latest updates leaves the organisation at risk. IT departments in organisations like this tend to refrain from updating such systems because an update or an upgrade is highly likely to make the software incompatible or troublesome.
Out of the 500,000+ endpoints Secrutiny has audited in the last year, 100% of organisations have had inconsistencies in their operating system build alone.
One organisation that we have audited in the past had Windows 7 v6.1 Build 7601 SP1 x64 as the majority of the active operating systems running across its business. The problem with this version is that it has several vulnerabilities, as shown on the CVE (Common Vulnerabilities and Exposures) website.
Demonstration of exploiting operating systems.
The following is a demonstration of exploiting the operating system using CVE-2017-0143 (Windows SMB Remote Code Execution Vulnerability) on an unprivileged user, to gain privileged access:
SET UP: VICTIM
| OS | Windows 7 Home Basic X86 SP1 |
SET UP: ATTACKER
| OS | Kali Linux X64 |
Set the RHOSTS to be the IP of the target.
- Set RHOSTS 192.168.38.128
Set the RHOST to be the IP of the target.
- Set rhost 192.168.38.128
CVE-2017-0143 affects the following Windows versions:
- Windows Vista SP2
- Windows 7 SP1
- Windows 8.1
- Windows RT 8.1
- Windows 10 Gold, 1511, and 1607
- Windows Server 2008 SP2 and R2 SP1
- Windows Server 2012 Gold and R2
- Windows Server 2016
A Cyber Risk Audit will determine which machines are susceptible to the SMB vulnerability.
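A first-pass triage of the kind such an audit could start from, as an added example (not Secrutiny's tooling and not part of the original article): it counts distinct OS builds in an inventory and flags hosts whose release appears on the affected list above. The inventory, its field names and the matching rules are assumptions made for illustration; a flagged host still needs its installed updates checked.

```python
import csv, io, re
from collections import Counter

# Constructed sample inventory: hostnames and OS strings are made up.
INVENTORY = """host,os
xray-01,Windows 7 v6.1 Build 7601 SP1 x64
xray-02,Windows 7 v6.1 Build 7600 x64
xray-03,Windows 7 v6.1 Build 7601 SP1 x64
hr-14,Windows 10 1607 Build 14393 x64
hr-15,Windows 10 1703 Build 15063 x64
fs-01,Windows Server 2008 R2 SP1 x64
fs-02,Windows Server 2012 R2 x64
kiosk-3,Windows XP SP3 x86
"""

# The page's affected list as (product regex, qualifier regex or None), servers first.
AFFECTED = [
    (r"windows server 2008 r2", r"\bsp1\b"),
    (r"windows server 2008(?! r2)", r"\bsp2\b"),
    (r"windows server 2012", None),               # Gold and R2
    (r"windows server 2016", None),
    (r"windows vista", r"\bsp2\b"),
    (r"windows 7\b", r"\bsp1\b"),
    (r"windows rt 8\.1", None),
    (r"windows 8\.1", None),
    (r"windows 10\b", r"gold|(?<!\d)(1507|1511|1607)(?!\d)"),  # Gold = 1507
]

def in_scope(os_name):
    """True if the OS string matches a release on the affected list."""
    s = os_name.lower()
    for product, qualifier in AFFECTED:
        if re.search(product, s):
            return qualifier is None or re.search(qualifier, s) is not None
    return False

def audit(inventory_csv):
    """Return (build counts, listed hosts, unlisted hosts). Unlisted is not 'safe'."""
    rows = list(csv.DictReader(io.StringIO(inventory_csv)))
    builds = Counter(r["os"] for r in rows)
    listed = sorted(r["host"] for r in rows if in_scope(r["os"]))
    unlisted = sorted(r["host"] for r in rows if not in_scope(r["os"]))
    return builds, listed, unlisted

if __name__ == "__main__":
    builds, listed, unlisted = audit(INVENTORY)
    print(f"{len(builds)} distinct OS builds on {sum(builds.values())} hosts")
    print("on affected list, confirm patch level:", ", ".join(listed))
    print("not on list, review separately:", ", ".join(unlisted))
```

Hosts that fall outside the list, such as the Windows XP and Windows 7 Build 7600 machines in the sample, are reported separately rather than treated as unaffected.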
While studying Computer Science at Kent University, Reehan Aslam worked at Secrutiny Ltd for a year as a Technical Analyst.
Reehan is currently centred on defending organisations and highlighting security flaws and risk within networks and applications.
His interests include Static Analysis, Network Traffic Analysis and Digital Forensics.