Google, Windows Gaming (Winos4.0), Cisco, Android Devices
Risk 1: Low
Issue: This is not a vulnerability, just a warning.
Google has announced that all new accounts starting in 2025 will require Multi-Factor Authentication. By the end of 2025, all existing accounts will be required to have MFA enabled.
Resolution: While we have all been under an MFA requirement already, this will push it to many of our clients as well. Hopefully, this makes it easier to have security-related conversations with our clients.
Risk 2: Medium
Issue: A vulnerability has recently been growing in popularity named Winos4.0 - this exploit is typically connected to low-end and fake games installed on many Windows machines. If exploited, remote code can be executed, even allowing remote access. This one is particularly dangerous as it masquerades as free “time-wasting” games many download to pass the time.
This malware also searches for and disables locally installed security software before detected if you do not have live scanning features turned on.
Resolution: If caught before being disabled, many security applications will remove. If your security suite has been disabled, you may want to seek a professional for assistance.
This also serves as a good reminder to ensure your security policy does not permit the downloading or installing of non-business critical applications. recent update.
Risk 3: High
Issue: Cisco has announced a vulnerability in their Ultra-Reliable Wireless Backhaul devices that allows remote actors to monitor and steal data transmitted through these devices.
Resolution: Cisco has released an update. Please apply this update as soon as possible. This is a work-stoppage update meaning it is severe and active enough to warrant a mid-day update.
Risk 4: High
Issue: Google has released 51 updates to its Android operating system - two are critical zero-day vulnerabilities that allow for remote and unknown code to be executed.
Resolution: Based upon the device and carrier you use, you should have received a system update. This update should be applied immediately.
Financial Guardians is a proud member of InCite, the recently launched online community exclusively for tax professionals, bookkeepers, and accountants.
