IT Professionals, Guilty

I’d say you’d still need a good few around, depends on the environment. Nora in Payroll might fuck you over for giving her a USB headset.

1 Like

They’ll adapt very quickly. We had very little push back. Handsets in the offices and meeting rooms for conference calls, a few handsets for PA’s / receptionists and then everyone else on softphone. It was a very successful project and has obviously come into it’s own in the last few months.

You can PM me if you want more details.

1 Like

anything that helps with something like this is a plus

technician-fix-telephone-exchange_38678-913

:nauseated_face:

2 Likes

Are you sure about this, as in absolutely certain… I’m somewhat skeptical myself. :wink:

1 Like

I’m now in possession of one of these yokes.

http://www.grandstream.com/products/ip-voice-telephony/wifi-cordless/product/wp820

Is configured so that if someone calls me on teams the phone will also ring.

A daycent job to be fair.

I’ll be making all my calls to Eir on it now when the broadband at home goes down :slight_smile:

@Copper_pipe @Ambrose_McNulty

#sigred #sigred

FFS

Making more work for me.

Caused a stir just before taaaaay at 10am.

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350

Only impacts Windows Server OS it seems.

Not my problem if that’s the case :slight_smile:

XP for the win :joy:

Well it is a DNS server vulnerability.

Yeah I may have posted “FFS” a bit prematurely.

Next time I’ll actually google what the exploit is :wink:

1 Like

What’s the vulnerability mate?

They haven’t revealed the exact details for obvious reasons but in broad terms it seems there is the potential for RCE on the server by sending a certain type of response to a DNS request. It affects all versions of Windows server and is potentially wormable.

Little bit pedantic but the server sends the response. Surely the query would have to be malicious? I presume it’s a sig record manipulation.

Ya that wasnt clear, it’s actually both incoming queries and in the response in the case of a forwarded query.

It’s been rated a 10/10 severity.

Must be able to get domain admin or DC access. Fuck.

Ya that’s the fear, a lot of companies would be running the DNS service on a DC.

Youd need to get inside the network first for internal DNS. Still, could have malicious intent from inside.

Very detailed post from Checkpoint here on it: