Three Things to do in Response to the Sandworm Threat to Windows Security

Posted by Charles Killmer - Netgain’s Security Officer on Oct 16, 2014 11:37:52 AM

Executive Summary:

Earlier this week, Microsoft privately released a patch for a critical vulnerability affecting all modern versions of Windows.  Without this patch, a malicious file can download and execute other malware from the internet, allowing complete control of the affected computer.

Technical Details:

This vulnerability will likely be exploited through a phishing attack.  When the attachment is opened, it will attempt to exploit the vulnerability.  If successful, it can subsequently install any malware.  That malware could provide backdoor access to someone on the internet or, in the case of crypto ransomware, encrypt everything on the computer and hold it for ransom.

Three things you should do:

  • This is a good opportunity to remind your staff of the real threat that phishing attacks can present.  The best remedy is prevention.  If people do not click on malicious links, this malware can go nowhere.  Unfortunately, prevention is the hardest remedy to apply.

  • People will make mistakes.  If they do, they need to report the mistake as soon as possible.  Prompt reporting adds yet another layer of security that helps prevent further system compromise.

  • Additionally, check with your IT staff to ensure that your workstations will be patched for this vulnerability as quickly as possible.

Is Netgain affected by this?

The Netgain security team evaluated our possible exposure and immediately began applying the patch to our systems.  In the absence of this patch, our systems are protected by other layers of protection.  Application Whitelisting limits the ability of malware to execute on Netgain systems.  AntiVirus will detect and delete known malware.  Our Intrusion Detection System will alert us if any attacks are detected.  Finally, our weekly vulnerability scans will confirm the successful install of the patch.

If you have any questions, please contact our Security Officer, Charles Killmer, via email at


Topics: Sandworm Threat, phishing attack, Windows Security
