Critical Security Update (2024 March 13)
Critical Security Update
Urgent Microsoft Updates, Fortinet Updates (again), Okta
Risk 1: High
Issue: Microsoft pushed out its latest round of patches, accounting for nearly 60 updates earlier. Many (18) of these enable administrative access or remote control.
Resolution: It is critical to update to the latest version (yes, I know it is mid-filing season, but this is critical).
Risk 2: High URGENT
Issue: A vulnerability in Windows Defender, Microsoft’s security suite, has been located that allows malware to bypass security scans and protocols. This is an extreme risk and should be addressed immediately.
Resolution: Microsoft released a patch and it is available in the above mentioned security update. However, we wanted to make special note that this is one of the reasons Financial Guardians recommends using an alternative solution to just using the same operating system and security suite. The “putting all of your eggs in one basket” can be risky. Don’t be shy to complement your tools.
Risk 3: Medium
Issue: Fortinet has recognized a vulnerability in their Endpoint Management Software that allows attackers to remotely execute code on your machine.
Resolution: A patch has been applied for Fortinet users so a security update should have corrected this. Highlighting here as this is the second week for Fortinet vulnerabilities.
Risk 4: Low
Issue: Okta, a security company, recently was accused of having an information breach with its data being made available online.
Resolution: All sources state this is not accurate and that no breach occurred.