Manipulating WSUS to Own Enterprises

This concerns me.  Fear associated with the patching process has the potential to be one of the greatest weaknesses in the overall security of organizations.  If a business is afraid to apply patches due to potential vulnerabilities in WSUS, then a significant battle is lost and all of the organization’s end points are at risk.  And from this demonstration at Black Hat, there is a solution in the form of SSL with proper certificate management, but Microsoft has placed that burden on the end user organization.  This issue should be addressed and it should be addressed quickly.

https://threatpost.com/manipulating-wsus-to-own-enterprises/114168

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s