Threats and Vulnerabilities
- 32 Topics
- 33 Replies
Get ya Patch Tuesday Rundown here! As we do every month, we’ve put together a summary of what you can find in this month’s Patch Tuesday updates and what it might mean for you. June was about in line with what we found from Microsoft in last month’s Patch Tuesday with 49 vulnerabilities addressed vs. 55 in May. But, it represents 33% fewer vulnerabilities on average for each month so far this year. Of these 49 vulnerabilities, 5 were rated as critical, one more than last month, and 52% lower on average. Unfortunately, 6 vulnerabilities are being actively exploited in the wild, one more than the highest monthly number seen so far this year. These 6 actively exploited vulnerabilities can enable an attacker to gain control of a system, illegally gain critical information, and compromise the security of infrastructure through a vulnerable system. While Automox recommends that all critical vulnerabilities are patched within a 72 hour window, the fact that many of this month’s critical vulne
Sorry this post is coming in a bit late, but I’m finally back with the Patch Tuesday Rundown for May! May’s Patch Tuesday saw only 55 security fixes compared to the 108 tallied in the month of April. We’re currently tracking 4 critical vulnerabilities, none of which are being exploited in the wild to the best of our knowledge and vendor communications. On the Microsoft side, CVE-2021-26419 is a critical remote code execution vulnerability that impacts Internet Explorer 11 and 9 running on multiple versions of Microsoft Windows and Windows Server. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. We also see an HTTP Protocol Stack remote code execution vulnerability (CVE-2021-31166) and a Microsoft Windows Object Linking (OLE) Automation execution vulnerability (CVE-2021-31194). For Adobe, they’ve released a trove of 12 new security bullet
Yesterday marked the fourth Patch Tuesday of 2021! April’s Patch Tuesday yielded 108 new Microsoft security fixes, delivering the highest monthly total for 2021 (so far) and showing a return to the 100+ totals we consistently saw in 2020. Included in this month are 19 critical vulnerabilities and a high-severity zero-day that’s currently being exploited in the wild, CVE-2021-28310. This vulnerability is a locally exploited Windows Win32K elevation of privilege bug. To exploit it, an attacker would first have to log on to the system, then run a specially crafted application. The exploitation of this vulnerability would allow an attacker to execute code in the context of the kernel and gain SYSTEM privileges, allowing the attacker access to critical Windows components and information. Not only was Microsoft subject to a number of security fixes, Adobe released four security updates covering seven critical vulnerabilities across Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and R
If you weren’t able to attend our Patch Tuesday Webinar or just want a refresher on everything that was discussed, we have a recap available here. Join Justin Knapp, Automox’s Product Marketing Manager, as he discusses the latest vulnerabilities identified in this Patch Tuesday roundup!
March brought us back to a more exciting time, compared to February. Microsoft has addressed 89 new vulnerabilities this month, representing a 60% increase from the previous month. Of this total, 14 are rated as “critical” with 5 that are actively being exploited in the wild. And you didn’t think I’d miss the whole Microsoft Exchange incident, did you? 4 of those exploited vulnerabilities are specific to Microsoft Exchange Server. These Microsoft Exchange vulnerabilities were important enough for the “CISA,” the US Cybersecurity and Infrastructure Security Agency, to issue an emergency directive following the release of fixes for these zero-day vulnerabilities in Microsoft Exchange. In the midst of more severe vulnerabilities, Adobe had a modest release of three security updates addressing a handful of vulnerabilities, 5 of which are critical affecting Creative Cloud Desktop Application (APSB21-18), Adobe Connect (APSB21-19), and Adobe Framemaker (APSB21-14). Admins contending wit
This month’s Patch Tuesday is a bit less tumultuous compared to last month, with 56 new vulnerabilities, including 11 critical updates, from Microsoft. While the overall number of vulnerabilities fixed this month is relatively low, there is a zero-day (CVE-2021-1732) being exploited in the wild. Additionally, 11 of the Critical rated updates fix Remote Code Execution vulnerabilities. Adobe has also released fixes for numerous vulnerabilities across Dreamweaver, Illustrator, Photoshop, Magento, Acrobat, and Reader. APSB21-09 specifically addresses updates for Adobe Reader that are currently being exploited in the wild. You can find a list of all of the Patch Tuesday updates from Firefox, Adobe, Apple, and Microsoft in our Patch Tuesday Index. Our Automox experts also put together their monthly breakdown of this month’s Patch Tuesday releases here. Lastly, it’s not too late to register for our monthly Patch Tuesday Webinar happening tomorrow at 12pm ET!
CVE-2020-1350 is a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server and is classified as a ‘wormable’ vulnerability with a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions. Non-Microsoft DNS Servers are not affected. There is a patch available today here and through Windows Update and hence Automox. An alternative workaround for this solution is the following registry key change. If you aren’t able to deploy the patch today we highly recommend making use of this workaround until such time as you can patch all your Microsoft DNS servers.
Worklet for remediation:
Evaluation code:
    Exit 1
Remediation code:
    # Set the TcpReceivePacketSize value (DWORD 0xFF00) under the DNS service parameters
    New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\DNS\Parameters" -Name TcpReceivePacketSize -Type DWORD -Value 0xFF00 -Force
    # Restart the DNS service so the new value takes effect
    Restart-Service -Name DNS