November 2019 Patch Tuesday Forecast: Out With Old, In With The New (Nov 8, 2019)
With the upcoming End-Of-Life (EOL) for Windows 7, users are reminded to assess their operating system. Using an unsupported operating system leaves the user open to attacks such as ransomware, as attacks will exploit vulnerabilities. Support for Windows 10 Home, Professional and Professional Workstations Version 1803 is also ending. For users not intending on upgrading, it is highly recommended to put in place mitigation such as application control, privilege management and restrict network access to prevent against exploitation.
Recommendation: It is important that your company has patch-maintenance policies in place, particularly when there are Bring Your Own Device (BYOD) policies in use. Once a vulnerability has been reported on in open sources, threat actors will likely attempt to incorporate the exploitation of the vulnerability into their malicious operations. Patches should be reviewed and applied as soon as possible to prevent potential malicious activity.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.