Highlights of Patch Watch Issue 12
-
21 vendors released security patches for 334 vulnerabilities, including 16 CVEs with known exploits.
-
9 vulnerabilities that got patched this month are red-flagged by CISA.
-
145 old vulnerabilities have been patched.
-
Microsoft rolls out 108 patches this month.
Weaponized Vulnerabilities
We have 16 vulnerabilities that are known exploits. Here is our analysis –
-
4 CVEs are associated with RCE bug
-
2 CVEs have PE capabilities.
-
1 CVE is alerted by CISA.
-
15 CVEs are rated high and 5 are of medium severity.
Old Vulnerabilities
145 Old vulnerabilities have been fixed, ranging from the year 2016 to 2020.
-
10 CVEs have known exploits
-
3 CVEs are alerted by CISA
-
51 CVEs are rated high, and 66 are of medium severity.
Microsoft April Patches 2021
Microsoft issued patches for 108 security vulnerabilities, including five zero-day vulnerabilities ( CVE-2021-2709, CVE-2021-28312, CVE-2021-28437, CVE-2021-28458, CVE-2021-28310).
CISA Alerts
CISA has issued an alert for 9 vulnerabilities.
-
1 CVE has a known exploit.
-
3 CVEs are high rated and 4 are of medium severity.
Click here for our analysis and download patches.
Table: April Security Patches 2021
Cybercriminals were emboldened in 2021 as organizations are pushed to deal with an increased attack surface with employees working from home. So, users are recommended to apply these patches to mitigate risks stemming from these weaknesses.