August 15: CSW Patch Watch & Security Updates

Posted on Sep 8, 2021 | By Pavithra Shankar

Highlights of Patch Watch Issue 17

Weaponized Vulnerabilities

122 vulnerabilities have known exploits. Here is our analysis:

  • 5 CVEs are associated with ransomware strains that include Maze, Clop, and Sodinokibi.

  • 5 CVEs are linked to APT 1, APT 10, TA505, FIN11, Carbanak, and Pinchy Spider.

  • 9 Malware groups (OceanSalt, Auriga, Bangat, BISCUIT, MAPIGET, TARSIP, SEASALT, KURTON, and HELAUTO) are correlated to 5 CVEs.

  • 18 CVEs are RCE bugs.

  • 19 CVEs have Privilege Escalation capabilities.

  • 24 CVEs are linked to Denial of Service attacks. 

  • 6 CVEs have Cross-Site Scripting possibilities.

  • 29 CVEs are rated critical and 53 are high severity.

CSW Alerts

The vulnerabilities CVE-2020-1472, CVE-2021-34527, CVE-2020-0549, CVE-2020-2555, CVE-2020-13935, and CVE-2020-9484, which were patched earlier this month, have been pointed out in our Cyber Risk Series and CSW blogs. We strongly recommend applying the recent security updates for all of these vulnerabilities as a high priority.

Old Vulnerabilities

10 vendors have fixed 275 old vulnerabilities, dating from 2002 to 2020.

  • 5 CVEs are associated with ransomware strains that include Maze, Clop, and Sodinokibi.

  • 5 CVEs are linked to APT 1, APT 10, TA505, FIN11, Carbanak, and Pinchy Spider.

  • 9 Malware groups (OceanSalt, Auriga, Bangat, BISCUIT, MAPIGET, TARSIP, SEASALT, KURTON, and HELAUTO) are correlated to 5 CVEs.

  • 15 CVEs are featured by CISA.

  • Of these, 51 CVEs have known exploits.

  • 6 CVEs with Privilege Escalation.

  • 5 CVEs are Remote Code Execution bugs.

  • 38 CVEs are rated critical and 126 are of high severity. 

Microsoft August Patches 2021

Microsoft plugged 44 vulnerabilities, including 3 zero-days. Of these 44 CVEs, CVE-2021-36942 (PetitPotam) in Windows Update Medic Service with Elevation of Privilege has a PoC released in public forums and remains vulnerable to active exploitation. We recommend that Microsoft users address the NTLM problem as a top priority.

CISA Alerts

CISA has issued alerts for 40 vulnerabilities, including 1 publicly known exploit.

  • 3 CVEs are associated with LockFile, Magniber and ViceSociety Ransomware.

  • CVEs are classified as Remote Code Execution bugs.

  • 1 CVE with Privilege Escalation.

  • 9 CVEs are rated critical and 7 are of high severity.

Table: August Security Patches 2021

With ransoms being paid out on a regular basis, hackers have recognised how lucrative these attacks can be. We discovered that ransomware, malware, or APT associations exist in 24 percent of all fixed vulnerabilities, and the number of organizations targeted by threat groups is rising rapidly. We therefore advise having a robust cybersecurity program in place, with security patches applied aggressively on a daily basis, to be able to stave off an attack.