Bobcares

Juicy Potato vulnerability in Windows Plesk – How we fix it?

by | Dec 30, 2019

Are you getting a Juicy Potato vulnerability warning in Windows Plesk? We can help you resolve it.

Juicy Potato is not caused by Plesk. It is due to a vulnerability in Windows Server.

At Bobcares, we often get requests to fix errors on Windows servers as a part of our Server Management Services.

Today, we will see how our Support Engineers do this for our customers.

Juicy Potato vulnerability in Windows

Juicy Potato is a version of the RottenPotato exploit that exploits the way Microsoft handles tokens.

Microsoft Windows Server in its default configuration has a critical vulnerability. It can cause an escalation of privileges if a server is compromised.

A CLSID is a globally unique identifier that identifies a COM class object. The exploit allows escalation from service accounts in session 0 to SYSTEM.

Affected servers are Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2 and Windows Server 2016.

Microsoft has no plans to harden the affected servers due to architectural implementation. Thus, the fix is to upgrade the OS or migrate to a new server running Windows Server 2019.

The sample error in Plesk looks like:

[Image: Juicy Potato vulnerability in Windows Plesk]

Let’s discuss how our Support Engineers resolve the error for our customers.

How to overcome Juicy Potato vulnerability in Windows

Let’s discuss the methods our Support Engineers follow to protect the server from the Juicy Potato vulnerability.

Migrate Plesk to Windows Server 2019

One of the options recommended by Plesk is to migrate your websites from the current VPS to a Windows Server 2019 VPS. Our Support Engineers use the Migration & Transfer Manager in Plesk to migrate to the new server.

Upgrade Windows Server 2016 to Windows Server 2019

First, we take a backup of the virtual machine before proceeding with the upgrade.

Then we collect the system information. Now we upload the Windows Server 2019 Setup media into the server.

Once the files are uploaded we run the setup.exe file. We click on Yes to start the setup process.

After that, we select the Download updates, drivers and optional features (recommended) option or Not right now based on the files uploaded. Then we click Next.

Now we enter the licensing key to continue. Then we select the Windows Server 2019 edition we want to install and click Next.

We accept the terms of the licensing agreement. Then we select Keep personal files and apps and then select Next.

Finally, we click on Install. Once the upgrade is complete, the server will be automatically restarted.

How we disable DCOM support in Windows

One temporary workaround is to disable DCOM support on the server. Disabling it can affect multiple functions on the server, so we disable DCOM only on customer confirmation.

We click on Start >> Administrative Tools >> Component Services.

Then we select Component Services. We click on My Computer and select Properties.

On the Default Properties tab, we deselect the Enable Distributed COM option.

Finally, click on OK.
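The same check and change can be scripted. The following PowerShell is an added example, not part of the original procedure: it reports whether the server is older than Windows Server 2019 (build 17763) and reads or sets the machine-wide `EnableDCOM` value under `HKLM:\SOFTWARE\Microsoft\Ole`, which is the setting the checkbox above controls. It assumes PowerShell 3.0 or later and an elevated session; the function names and the backup file path are hypothetical.

```powershell
# Added example: audit and (optionally) apply the DCOM setting from the steps above.
# Run in an elevated PowerShell 3.0+ session on the server.
$OleKey          = 'HKLM:\SOFTWARE\Microsoft\Ole'  # holds the machine-wide EnableDCOM value ("Y"/"N")
$Server2019Build = 17763                            # Windows Server 2019 build number

function Get-DcomExposure {
    $os     = Get-CimInstance -ClassName Win32_OperatingSystem
    $enable = (Get-ItemProperty -Path $OleKey -Name EnableDCOM -ErrorAction SilentlyContinue).EnableDCOM
    [pscustomobject]@{
        Computer      = $env:COMPUTERNAME
        OS            = $os.Caption
        Build         = [int]$os.BuildNumber
        # ProductType: 1 = workstation, 2 = domain controller, 3 = server
        IsServer      = $os.ProductType -ne 1
        OlderThan2019 = [int]$os.BuildNumber -lt $Server2019Build
        EnableDCOM    = if ($null -eq $enable) { '(not set)' } else { $enable }
        # Anything other than "N" (including a missing value) is reported as enabled
        DcomEnabled   = $enable -ne 'N'
    }
}

function Disable-Dcom {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param(
        # Assumed location for the rollback note; change as needed
        [string]$BackupPath = "$env:SystemDrive\dcom-setting-backup.txt"
    )
    $before = Get-DcomExposure
    if (-not $before.DcomEnabled) { Write-Output 'DCOM is already disabled.'; return }
    if ($PSCmdlet.ShouldProcess($OleKey, 'Set EnableDCOM to N')) {
        # Record the previous value so the change can be rolled back
        "$(Get-Date -Format o) EnableDCOM was: $($before.EnableDCOM)" | Add-Content -Path $BackupPath
        Set-ItemProperty -Path $OleKey -Name EnableDCOM -Value 'N'
        Write-Output 'EnableDCOM set to N. Restart the server for the change to take effect.'
    }
}

Get-DcomExposure | Format-List
# Disable-Dcom -WhatIf   # preview the change without applying it
# Disable-Dcom           # apply it (prompts for confirmation)
```

To roll back, set `EnableDCOM` to the value recorded in the backup file and restart the server.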

 


Conclusion

In short, we have discussed the Juicy Potato vulnerability on Windows Plesk servers. Also, we have discussed how our Support Engineers protect the server from this vulnerability.


2 Comments

  1. Carissa Wilson

    I’ve been hacked. Took me 30 days to learn that it’s juicy potato. How does one recover? I have over 30 devices & I’m pretty sure that it wasn’t just my computer, 2 laptops, printer, & 4 smart phone.

    • Maheen Aboobakkar

      Hello Carissa,

      We’ll be happy to talk to you on chat (click on the icon at right-bottom).

