Microsoft’s most critical vulnerabilities in the past 6 months

The vulnerabilities within Microsoft programs could be dangerous for hospitals and health systems that employ the tech giant’s services.

Advertisement
Katie Adams

Here is a roundup of the most notable Microsoft vulnerabilities Becker’s Hospital Review has covered in 2020 so far.

  1. In January, the National Security Agency discovered a flaw in the digital signatures Microsoft uses to help prevent malware from being downloaded on a computer in its Windows 10 operating system. If exploited, the flaw would allow hackers to download malware on the computer without being detected.
  2. Microsoft released a notice Jan. 22 about a data breach within an internal customer support database used for support case analytics. The notice came after the company discovered that a change within the database’s network security group had misconfigured security rules in December.
  3. The IBM X-Force Threat Intelligence Index 2020, released Feb. 11, cited various vulnerabilities in older versions of Microsoft Office and Windows servers that hackers are exploiting.
  4. Hospitals and health systems that continue to run their computers on Windows 7 could be left vulnerable after Microsoft ended its support for the operating system Jan. 14.
  5. Microsoft warned dozens of hospitals about vulnerabilities within virtual private networks that they use to assist their remote staff in April. The tech giant said these “human-level” ransomware attackers could exist on a victim’s network for months undetected. 
  6. In April, Microsoft fixed a vulnerability in Microsoft Teams that would have allowed hackers to tap into a subdomain takeover flaw using a malicious GIF that extracts personal user data from the workplace communication platform.
  7. The FBI, the Cybersecurity and Infrastructure Security Agency, and the U.S. government developed a list of the most routinely exploited vulnerabilities by cyberattackers in May. Seven out of the 10 most exploited vulnerabilities involved Microsoft.

More articles on cybersecurity:
Quantum Imaging employee shared patient X-rays on Facebook, company says
California health plan email hack exposed info of nearly 36,000 members
Maryland long-term care facility network hack exposes 47,754 residents’ info

Growth, mission + fragmentation: How academic health systems are confronting the next decade

Recommended Whitepaper

Advertisement

Next Up in Cybersecurity

Advertisement

Comments are closed.