Organizations that fail to configure Windows Server Update Services (WSUS) to use SSL are exposed to cyberattacks, researchers have warned.
In a presentation last week at the Black Hat security conference in Las Vegas, researchers from Context Information Security demonstrated how Windows Update, and particularly WSUS, can be abused in attacks aimed at corporate networks.
WSUS is designed to allow IT administrators to fully manage the distribution of updates to the machines in their organization’s network. WSUS relies on SOAP XML calls to perform updates.
The WSUS configuration wizard in Windows Server 2012 advises users to utilize SSL with the service once the system has been set up. However, since SSL is not enabled by default, experts believe a “significant number” of WSUS deployments don’t use SSL.