Proxy Networks Statement on Recent Cyber Security Issues

Hello Friends of Proxy,

In the past week, the news has reported on several major cyber security issues.  We want to let our customers know that we follow these issues closely and assess their impact on the PROXY Pro software.  None of these issues are a direct concern for PROXY Pro software aside from emphasizing the importance of keeping your Windows machines up-to-date with the latest updates from Microsoft.  Here is a bit more detail on these recent attacks along with some context for PROXY Pro software.

One issue was a ransomware attack involving the U.S. technology firm Kaseya.  This attack, reminiscent of the SolarWinds attack a few years ago, allowed hackers to bypass authentication and push out ransomware to endpoints.  This, of course, has no relationship to PROXY Pro software and it is important to know that the PROXY Pro server does not push software updates out to endpoints.  Customers choose when and if they want to push out software updates to endpoints and can do this at a time convenient for them and with a tool of their choosing.

The other big issue in the news was a Microsoft zero-day vulnerability exploit called “PrintNightmare”.  This allows hackers to gain access to Windows systems via remote code execution with SYSTEM level privileges.  Microsoft has released an out-of-band patch for this (KB5004945) for some Windows operating systems, like Windows 10, and is in the process of releasing it for the rest.  This issue is tracked as CVE-2021-34527.  A recommended mitigation for this issue is to disable the Print Spooler in Windows.  The PROXY Pro software generally does not depend on this service, and specifically the Spooler can be disabled on a system running PROXY Pro Server without any impact on the PROXY Pro installation, features, or functionality.  The PROXY Pro Host and PROXY Pro Master do depend on the Print Spooler if and only if the optional Remote Printing feature is installed.  This feature is not enabled in the installers by default since v10.2 HF#3.  Customers that installed earlier versions and upgrade likely have the feature enabled and installed.  The Host and Master software with the Remote Printing feature installed still work for all purposes with the Print Spooler disabled, except that the Remote Printing features will not work correctly, and upgrade or uninstallation of the software will report an error.  Please contact support if you have further questions about this.

Proxy Networks takes security seriously.  The PROXY Pro Server provides an audit trail of activity which is viewable in the Web Console on the Analytics page.  All executable code is Authenticode-signed to prevent tampering and ensure that our product releases are free from malicious code.  Testing is also done to ensure our code is free from defects that could compromise the security of our customers and their installations.

Thank you!

Ryan Gallager

Proxy Networks Support Team