Critical Patches

Benefit from periodical alerts about critical patches for weaponized vulnerabilities. CSW’s Patch Watch helps you patch vulnerabilities that have severe consequences on organizations.

View previous patch watch

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Sept 19, 2022 to Sept 23, 2022

Sep 16, 2022

3 minutes

DHS CISA KEVs Weekly Edition 17: Patch Before You Hit the Deadline

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Sept 5, 2022 to Sept 9, 2022

Sep 3, 2022

3 minutes

DHS CISA KEVs Weekly Edition 16: Patch Before You Hit the Deadline

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Aug 29 to Sept 2, 2022.

Aug 19, 2022

3 minutes

DHS CISA KEVs Weekly Edition 15: Patch Before You Hit the Deadline

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Aug 19 to Aug 25, 2022.

Aug 12, 2022

3 minutes

DHS CISA KEVs Weekly Edition 14: Patch Before you Hit the Deadline

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Aug 08 to Aug 15, 2022.

Aug 3, 2022

2 minutes

DHS CISA KEVs Weekly Edition 13: Patch Before you Hit the Deadline

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Aug 01 to Aug 05, 2022.

Jul 27, 2022

3 minutes

DHS CISA KEVs Weekly Edition 12: Patch Before you Hit the Deadline

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from July 25 to July 29, 2022.

Jul 9, 2022

3 minutes

DHS CISA KEVs Weekly Edition 10: Patch Before you Hit the Deadline

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from July 4 to July 10, 2022.

Jul 1, 2022

3 minutes

DHS CISA KEVs Weekly Edition 9: Patch Before you Hit the Deadline

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from June 26 to July 01, 2022.

Dec 13, 2021

3 minutes

CVE-2021-44228: Patch Apache Log4J Vulnerability Immediately!

On December 9, 2021, a new critical zero-day vulnerability (CVE-2021-44228) was discovered in Apache Log4J, a Java-based logging tool that affects any organization that uses Apache Log4j framework including Apache Struts2, Apache Solr, Apache Druid, Apache Flink, and others.

Dec 10, 2021

3 minutes

CISA—Patch These 291 CVEs before the Deadline!

On November 3, 2021, the US Cybersecurity and Infrastructure Security Agency (CISA) issued a new Binding Operational Directive urging public entities to fix Known Exploited Vulnerabilities (KEV) within defined time frames. This catalog consists of 291 vulnerabilities dating back to 2010 that threat actors have been actively exploiting in attacks.

Oct 5, 2021

1 minute

September 2021: Apple Patches 3 Zero Days Under Active Attack

Apple released security updates for three vulnerabilities in iOS and one flaw in macOS Catalina. We analyzed these weaknesses and spotlighted the most important vulnerabilities that ought to be fixed on priority.

Sep 23, 2021

3 minutes

Abode Patches 59 Security Vulnerabilities

Adobe patched 59 unique security vulnerabilities in September 2021. We analyzed these weaknesses and spotlighted the most important vulnerabilities that ought to be fixed on priority.

Sep 16, 2021

3 minutes

August: Cisco Patches 43 Security Vulnerabilities

Cisco patched 43 unique security vulnerabilities in August 2021. We analyzed these weaknesses and spotlighted the most important vulnerabilities that ought to be fixed on priority.

Aug 9, 2021

3 minutes

July: Apple Patches 52 Security Vulnerabilities

We analyzed all 52 weaknesses patched in July and spotlighted the most important vulnerabilities that ought to be patched on priority.

Jul 20, 2021

3 minutes

Radiographers: Patch These 16 Philips Vue PACS Vulnerabilities

We analyzed sixteen vulnerabilities in the Philips Vue PACS software and highlighted the ones that need to be prioritized for immediate patching.

Jun 30, 2021

3 minutes

Cardiac Management: Patch These Six ZOLL Vulnerabilities

We examined eight vulnerabilities in the ZOLL defibrillator dashboard and highlighted the ones that need to be prioritized for immediate patching.

Jun 18, 2021

3 minutes

Chrome Users: Patch CVE-2021-30551 Immediately

Pentesters from CSW have highlighted one particular vulnerability that is trending and has exploits in the wild: CVE-2021-30551!

May 21, 2021

3 minutes

Patch Watch: CSW Analysis of Pulse Secure Vulnerabilities

CSW researchers analyzed 93 security vulnerabilities in 16 Pulse Secure products and spotlight what weaknesses need to be addressed immediately and why.

Apr 9, 2021

3 minutes

Nine Reasons to Patch Hafnium Vulnerabilities

On March 3, following Microsoft's release of out-of-band security patches to address multiple zero-day bugs (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065) in on-premises versions of Microsoft Exchange Server, CISA issued an emergency directive alert mitigate product vulnerabilities.

Cyberwar Bulletin: Iran and Albania

Critical Patches

View previous patch watch

Categories

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Sept 19, 2022 to Sept 23, 2022

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Sept 5, 2022 to Sept 9, 2022

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Aug 29 to Sept 2, 2022.

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Aug 19 to Aug 25, 2022.

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Aug 08 to Aug 15, 2022.

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Aug 01 to Aug 05, 2022.

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from July 25 to July 29, 2022.

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from July 4 to July 10, 2022.

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from June 26 to July 01, 2022.

On December 9, 2021, a new critical zero-day vulnerability (CVE-2021-44228) was discovered in Apache Log4J, a Java-based logging tool that affects any organization that uses Apache Log4j framework including Apache Struts2, Apache Solr, Apache Druid, Apache Flink, and others.

Apple released security updates for three vulnerabilities in iOS and one flaw in macOS Catalina. We analyzed these weaknesses and spotlighted the most important vulnerabilities that ought to be fixed on priority.

Adobe patched 59 unique security vulnerabilities in September 2021. We analyzed these weaknesses and spotlighted the most important vulnerabilities that ought to be fixed on priority.

Cisco patched 43 unique security vulnerabilities in August 2021. We analyzed these weaknesses and spotlighted the most important vulnerabilities that ought to be fixed on priority.

We analyzed all 52 weaknesses patched in July and spotlighted the most important vulnerabilities that ought to be patched on priority.

We analyzed sixteen vulnerabilities in the Philips Vue PACS software and highlighted the ones that need to be prioritized for immediate patching.

We examined eight vulnerabilities in the ZOLL defibrillator dashboard and highlighted the ones that need to be prioritized for immediate patching.

Pentesters from CSW have highlighted one particular vulnerability that is trending and has exploits in the wild: CVE-2021-30551!

CSW researchers analyzed 93 security vulnerabilities in 16 Pulse Secure products and spotlight what weaknesses need to be addressed immediately and why.