5 tips to protect legacy applications on Windows networks

You're probably running legacy applications somewhere, and attackers see them as vulnerable targets. This advice will harden legacy apps against threats.

binary target
Violka08 / Getty Images

A typical business network has at least one of them and probably more than the admins want to admit: a legacy server or workstation running an ancient piece of business software that you just can’t wean yourself off. If you are lucky, it’s on a virtual machine that you can move at a moment’s notice. If you aren’t, it’s on ancient hardware that you hope will continue to work.

As Microsoft’s Aaron Margosis notes in his blog, you should ideally retire legacy applications and upgrade to a new supported, secure application. In reality, organizations use legacy systems. Jessica Payne discussed protecting these legacy systems on a Windows network at a recent Microsoft virtual security summit. This is some of the advice she and Margosis offer:

Check log-in credentials

Review if you log onto that system with domain administrator credentials. Legacy systems often keep hash values of credentials on the system that can be easily harvested using widely available credential harvesting tools such as mimikatz. Ensure that you do not log into these systems with high-privileged credentials.

To continue reading this article register now

Subscribe today! Get the best in cybersecurity, delivered to your inbox.