MAS warns financial institutions of vulnerabilities in MS Windows
THE Monetary Authority of Singapore (MAS) has alerted financial institutions to critical vulnerabilities in the Microsoft Windows Operating System that could allow malicious files or applications to bypass detection and gain control of computer systems.
Affected financial institutions are advised to install security updates released by Microsoft on Jan 15, 2020, that address 49 vulnerabilities. Four of the vulnerabilities are highly critical and need immediate attention, according to the Cyber Security Agency of Singapore (CSA).
MAS issued an advisory on Jan 15 and informed financial institutions using the affected Windows Operating Systems to immediately install the relevant patches. It also advised financial institutions to take mitigating measures to prevent the vulnerabilities from being exploited.
CSA said one of the highly critical vulnerabilities could allow attackers to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software. A man-in-the-middle attack occurs when an unauthorised entity intercepts the communications between two systems.
The other three could allow attackers to perform remote code execution and take control of the affected systems to perform malicious activities. These include unauthorised installation of programmes, the creation of rogue administrator accounts and the viewing, changing or deleting of data.
More details of the vulnerabilities and affected products can be found in CSA's advisory.
BT is now on Telegram!
For daily updates on weekdays and specially selected content for the weekend. Subscribe to t.me/BizTimes
Banking & Finance
Japan brokerage Daiwa’s Q4 profit more than doubles as markets recover
Barclays Q1 profit falls 12% as mortgage competition, deals drought hit
Deutsche Bank Q1 profit jumps 10% as investment bank outperforms
Latest Singapore 6-month T-bill offering cut-off yield of 3.74% as applications dip
Morgan Stanley Asia private equity unit to reorganise as CEO retires
US seeks 36 months’ jail for Binance founder Zhao