The arrival of Windows Server 2012 and forthcoming “end of support” for the XP version Microsoft’s desktop operating systems offers a timely reminder for InfoSec professionals to consider the skill sets needed to secure critical systems.
“Lots of marketing hype has been written about Windows 8, but the reality is that few organisations will move to the new OS on non-touch computers,” says Jason Fossen, principal security consultant at Enclave Consulting LLC, published author and a noted public speaker on Microsoft security issues.
“However, Windows Server 2012 is different. Server 2012 will likely be a very popular OS release and is probably the most secure Microsoft operating system to date.
Fossen is also the sole author of the SANS Institute's week-long Securing Windows course (SEC505) which will be making its European debut at SANS Belgium 2013 in February. Fossen also maintains the Windows day of the Security Essentials course at SANS.
“Security enhancement such as Dynamic Access Control (DAC) and Kerberos armouring are extremely useful, but need to be both understood and deployed in the correct fashion – having good security tools is not enough without the skills to correctly utilise their capability within the environment.”
The SANS instructor has spent several months updating the course syllabus to reflect the arrival of new operating systems but highlight the end of life for previous versions as a much more worrying event.
“Hackers are still actively looking for vulnerabilities within the older operating systems. As of April 2014, Microsoft will no longer release any new security patches for Windows XP,” explains Fossen. “Roughly half of all business and government computers are still running Windows XP, and the time is running out before XP’s end of life. XP vulnerabilities published after April of 2014 will be very valuable to hackers and malware designers.”
Fossen stresses that the issue is not the fault of Microsoft, as all operating systems eventually need to be decommissioned, but that organisations often fail to understand the major security risk of waiting till the last moment to migrate.
“As we live within a world where Advanced Persistent Threat malware is now commonplace, unsupported and vulnerable operating systems residing within a seemingly secure environment can become a breeding ground for APT. Organisations need to develop a migration strategy to get off Windows XP before April of 2014, not after.”
The ‘SEC505: Securing Windows and Resisting Malware’ course developed and taught by Fossen will be running at SANS Belgium from February 18th to 23rd at the NH Hotel du Grand Sablon in the heart of Brussels. SANS is also offering an ‘Early Bird’ discount of up to up to €250 for any full course paid for by January 9th of 2013.