LATEST WINDOWS10 VULNERABILITY ALLOWS UNINTENDED USERS ADMINISTRATIVE ACCESS
Microsoft has issued an urgent security notice regarding HiveNightmare (also known as SeriousSAM), which is a vulnerability that can allow a regular user unintended administrative access to an organization’s network. This is a low external risk and high internal risk to environments as the information exposed could potentially allow a skilled attacker to run programs and administrative tools with full administrative privilege on any domain computer.
As of August 6th, 2021 Microsoft has released a workaround solution for systems that are vulnerable to the HiveNightmare security flaw. No patches have yet been released by Microsoft. If you would like more details regarding this vulnerability, they can be found here.
SWICKtech reviewed the details provided by industry leaders, as well as vulnerable clients that ranged from small to medium size in various industries including manufacturing, distrubution, healthcare, retail, and food and beverage. Through SWICKtech’s remote monitoring and management system, SWICKtech’s Security and Operations Center (SOC) remediated the HiveNightmare vulnerability for all clients. SWICKtech’s clients also have capabilities for detection, should an issue arise. These include cybersecurity software such as Microsoft Defender, Endpoint Detection and Response, and SIEM in some instances.
SWICKtech will continue to monitor the details of the vulnerability, keeping client’s network and data security top priority. Please contact us if you have questions regarding HiveNightmare or cybersecurity.