fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Mandatory Windows 10 Update Causing DNS And Shared Folder Issues

Mandatory Windows 10 Update Causing DNS And Shared Folder Issues

Some Windows 10 users have issues with DNS resolution after installing the latest Windows 10 cumulative updates released this week.

As part of this week’s April 2021 Patch Tuesday, Microsoft released the Windows 10 KB5001330 & KB5001337 cumulative updates to fix various security vulnerabilities and bugs discovered in the operating system.

Since installing the updates, some corporate users have reported having issues with DNS resolution that prevent access to shared folders on servers when trying to access them by the server’s name. If attempting to access the shared folder via the server’s IP address, users can properly connect to the shared folders.

To access shared folders again, admins had to uninstall the cumulative update, which is not a good solution as it removes security fixes.

After users began reporting the issue on BleepingComputer’s forum, users determined that many affected users are using the Dentrix Dental Practice Management software in their offices.

A longstanding support recommendation for Dentrix customers to reduce network lag has been to disable multicase name resolution (LLMNR) on Windows workstations.  This is done by enabling the ‘Turn off multicast name resolution’ group policy under Computer Configuration Administrative Templates Network DNS Client.

Also Read: The 5 Benefits Of Outsourcing Data Protection Officer Service

Turn off multicast name resolution group policy

However, since installing the latest cumulative updates, this policy prevents users from accessing their shared server folders.

Dentrix has acknowledged the issue and stated that after coordinating with Microsoft, disabling this group policy is the recommended way to resolve this issue.

“After working with Microsoft, we believe that we have found a solution that allows you to keep the critical Microsoft Security Update installed. It appears that this issue can be resolved by enabling “Link Layer Multi-cast Name Resolution” (LLMNR). This is a Windows Group Policy that many users have disabled over the years. Re-enabling it seems to restore proper IP Address resolution which in turn restores connectivity to the Dentrix Database. To enable LLMNR, follow the steps below.”

To disable the policy (enable LLMNR) and fix the DNS resolution issues, the recommended steps are:

  1. Go to Start>Run and type GPEdit.msc     
    • This should open the Local Group Policy Editor.
  2. Use the Group Policy Editor to navigate to Local Computer Policy>Computer Configuration>Administrative Template>Network>DNS Client.
  3. Double-Click “Turn Off Multicast Name Resolution.” 
  4. Mark the radio button labeled “Disabled.”
  5. Click Apply and OK
  6. Open a Windows Command Prompt Window (Start>Cmd.exe) and enter the command ipconfig /flushdns .

Dentrix customers do not see this as an adequate solution as LLMNR could cause lag while using the software. Instead, they recommend users add the affected server’s name and IP address to the HOSTS file, which seems to fix the issue.

“Enabling Multicast is definitely not an option for Dentrix due to slowness.

Microsoft needs to release a fix asap.

Best resolution we have found so far is the host file fix, the DNS service fix hasn’t fixed any of them yet for us but was reported by someone else as a fix.”

– a Dentrix customer posted to our forums.

This bug is not related solely to Dentrix users but instead to whoever has LLMNR disabled, which for the most part, has been Dentrix customers who were told to disable it.

Also Read: How To Prevent WhatsApp Hack: 7 Best Practices

While it is unknown what caused this bug, Microsoft fixed two DNS vulnerabilities [12] this month that may have contributed to this abnormal behavior.

BleepingComputer has contacted Microsoft regarding this bug but has not heard back.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us