<Healthcare Network> Server Vulnerability Remediation 6-19
X.X.X.40 – Phone Server
EOL/Obsolete Software: Adobe Flash Player Detected
- Adobe Flash uninstalled through Control Panel -> Programs and Features
Wireshark Multiple Vulnerabilities
- Wireshark needed on the server for packet capturing
- Uninstalled old version of Wireshark and did a fresh install through the application
- Confirmed new version of Wireshark is the most up to date version (3.4.6)
Google Chrome Prior To 91.0.4472.101 Multiple Vulnerabilities
- Google Chrome updates should be done automatically through the app
- Opened browser and checked version, which confirmed it was out of date
- Chrome automatically downloaded and attempted to install the update, required a relaunch to complete
- After multiple attempts relaunching the browser, update did not install
- Forced an update manually, browser still would not relaunch
- Attempted uninstall of Google Chrome for a fresh install, but uninstall wizard asked for all sessions be closed first
- Found multiple background processes in Task Manager of Google Chrome
- Ended all Google Chrome tasks, then relaunched browser
- Update had installed successfully, confirmed version was most up to date (91.0.4472.114)
SMB Signing Disabled or SMB Signing Not Required
- Went to Control Panel -> Programs and Features
- Selected “Turn Windows features on or off”
- Opened Removal Wizard and selected current server
- Deselected SMB 1.0/CIFS File Sharing Support and removed the feature
- Restart is required
Microsoft Internet Explorer Security Update for May 2021
- Rather than update Internet Explorer, it is recommended to remove or disable the feature
- Received approval from management that Internet Explorer is not required for this server
- Attempted to disable through Control Panel -> Programs and Features -> “Turn Windows features on or off”
- Option was not available for Internet Explorer
- Used Powershell as Admin to disable Internet Explorer through the command line instead
- Ran the command dism /online /Disable-Feature /FeatureName:Internet-Explorer-Optional-amd64
- Restart is required
Mozilla Firefox Multiple Vulnerabilities (MFSA2021-23)
- Mozilla Firefox uninstalled through Control Panel -> Programs and Features
- Mozilla Maintenance Service uninstalled through Control Panel -> Programs and Features
X.X.X.127
SSL/Birthday Attack Vulnerabilities
- Ensured registry keys had been inserted already to block insecure SSL and TLS protocols
- Edited the nsclient.ini file to close the NSClient exploits
- Restarted the NSClient service
- Restart is required
Microsoft Internet Explorer Security Update for May 2021
- Rather than update Internet Explorer, it is recommended to remove or disable the feature
- Attempted to disable through Control Panel -> Programs and Features -> “Turn Windows features on or off”
- Option was not available for Internet Explorer
- Used Powershell as Admin to disable Internet Explorer through the command line instead
- Ran the command dism /online /Disable-Feature /FeatureName:Internet-Explorer-Optional-amd64
- Restart is required
Google Chrome Prior To 91.0.4472.101 Multiple Vulnerabilities
- Updated Google Chrome through browser
- Ensured the most up to date version was installed fully
Adobe Reader and Acrobat Multiple Vulnerabilities (APSB17-24)
- Check for updates through the Adobe Reader application
- Verify the most up to date version of the application was installed
X.X.X.128
Adobe Reader and Acrobat Multiple Vulnerabilities (APSB17-24)
- Found that server had Adobe Deader XI installed, which is a legacy EOL software
- Uninstalled Adobe Reader XI through Control Panel -> Programs and Features
- Installed latest version of Adobe Reader DC
BEAST Vulnerability
- Ensured registry keys had been inserted already to block insecure SSL and TLS protocols
- Edited the nsclient.ini file to close the NSClient exploits
- Restarted the NSClient service
- Requires a restart
Microsoft Internet Explorer Security Update for May 2021
- Rather than update Internet Explorer, it is recommended to remove or disable the feature
- Attempted to disable through Control Panel -> Programs and Features -> “Turn Windows features on or off”
- Option was not available for Internet Explorer
- Used Powershell as Admin to disable Internet Explorer through the command line instead
- Ran the command dism /online /Disable-Feature /FeatureName:Internet-Explorer-Optional-amd64
- Restart is required