A Note From the Help Desk: Microsoft Windows Support Diagnostic Tool Vulnerability

ATTENTION ONLINE AND SELF-PROCESSING CREDIT UNIONS

Microsoft Windows Support Diagnostic Tool Vulnerability

What Is It?

CU*Answers Network Services is tracking a recently announced security vulnerability in which the Microsoft Windows Support Diagnostic Tool can be used to execute arbitrary code with the privileges of another application, such as Microsoft Word.

How Does It Work?

The primary method of exploiting this vulnerability is through email phishing attacks.  Bad actors will send an email attempting to dupe the recipient into opening or previewing an attachment with malicious content embedded in the file.  If the file is opened or accessed via the preview function, the attacker could install programs; view, change, or delete data; or create new accounts in the context allowed by the user’s rights.

Successful exploitation of this vulnerability requires users to take an action on their computer, so training your users not to click on links, access attachments that are unexpected, or install software on their computers is your best first line of defense.

What Is Microsoft Doing About It?

Microsoft has released a workaround that disables built-in Windows functionality involving the Microsoft Support Diagnostic Tool.  This will break the ability to launch troubleshooting tools via links within the operating system.  Please refer to the Microsoft Security Response Center article for more details: Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability – Microsoft Security Response Center.
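As an added example (not part of the original notice and not Microsoft's own script), the following PowerShell reports whether the MSDT URL protocol handler is still registered on a computer and, with `-Apply`, backs it up and removes it. It assumes the handler key `HKEY_CLASSES_ROOT\ms-msdt` and the `reg export` / `reg delete` steps from the MSRC guidance referenced above; the `-Apply` switch and the `-BackupDir` default path are illustrative choices.

```powershell
# Added example: audit, and optionally apply, the MSDT URL protocol workaround.
# Assumption: the handler key is HKEY_CLASSES_ROOT\ms-msdt, per the MSRC guidance.
# -Apply and -BackupDir (and its default path) are illustrative, not Microsoft's.
[CmdletBinding(SupportsShouldProcess)]
param(
    [switch]$Apply,
    [string]$BackupDir = "$env:ProgramData\msdt-workaround"
)

$key   = 'HKEY_CLASSES_ROOT\ms-msdt'
$psKey = "Registry::$key"

function Get-MsdtHandlerState {
    # 'Present' means troubleshooter links still launch MSDT on this machine.
    if (Test-Path -LiteralPath $psKey) { 'Present' } else { 'Removed' }
}

$state = Get-MsdtHandlerState
Write-Output "$env:COMPUTERNAME ms-msdt handler: $state"

# Audit-only run, or nothing left to do.
if (-not $Apply -or $state -eq 'Removed') { return }

# Changing HKEY_CLASSES_ROOT needs an elevated session.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = [Security.Principal.WindowsPrincipal]$identity
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run from an elevated PowerShell session to apply the workaround.'
}

if ($PSCmdlet.ShouldProcess($key, 'Back up and delete MSDT URL protocol handler')) {
    # Export first so the handler can be restored later with: reg import <file>
    New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
    $backup = Join-Path $BackupDir "ms-msdt-$env:COMPUTERNAME.reg"
    & reg.exe export $key $backup /y | Out-Null
    if ($LASTEXITCODE -ne 0 -or -not (Test-Path -LiteralPath $backup)) {
        throw "Backup of $key failed; the key was left in place."
    }

    & reg.exe delete $key /f | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "reg delete failed for $key" }
    Write-Output "Applied. Backup: $backup. State now: $(Get-MsdtHandlerState)"
}
```

Run without `-Apply` to inventory which computers still have the handler; keep the exported `.reg` file, since importing it is how the troubleshooting links are restored.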

What Can You Do About It?

As mentioned, your best course of action is to educate and frequently remind your users not to fall victim to phishing attacks.  Do not let users operate with local administrator rights.  Keep your anti-virus software up to date, and use your firewall to restrict outbound access to the Internet to only those sites required to run your business.

Implementing Microsoft’s Mitigation Steps:

CNS can implement Microsoft’s documented workarounds on your network if requested by you, but we will not be making these changes proactively, due to the need to modify each computer’s registry settings as well as remove built-in Windows functionality of the Windows Explorer program.

If you would like to proceed with these workaround steps, please contact the Help Desk to open a ticket for this work.  In the ticket request, please reference “CVE-2022-30190 Mitigation Steps” so that we can track the work we will do on your network.

CNS will assess our normal hourly fee on a time and material basis for implementing Microsoft’s recommended mitigation steps and troubleshooting any issues that occur due to the implementation.  However, it is important that you communicate the reduced functionality with your staff prior to work being done.

 

If you have questions or concerns, please contact the Help Desk at extension 266, or by email.

Jun 2, 2022