Patch Tuesday Update - April 2024

 

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.40.0 and FVM Agent 2.6 releases.

  • Microsoft addressed 150 vulnerabilities in this release, including 3 rated as Critical and 67 Remote Code Execution vulnerabilities.
  • This release also includes a fix for the Proxy Driver Spoofing Vulnerability (CVE-2024-26234) that has been exploited in the wild.

| CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
|---|---|---|---|---|---|---|---|
| CVE-2024-20669 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 6.7 | Security Feature Bypass | No | No |
| CVE-2024-20688 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 7.1 | Security Feature Bypass | No | No |
| CVE-2024-20689 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 7.1 | Security Feature Bypass | No | No |
| CVE-2024-21409 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | .NET and Visual Studio | Important | 7.3 | Remote Code Execution | No | No |
| CVE-2024-21424 | Azure Compute Gallery Elevation of Privilege Vulnerability | Azure Compute Gallery | Important | 6.5 | Elevation of Privilege | No | No |
| CVE-2024-26250 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 6.7 | Security Feature Bypass | No | No |
| CVE-2024-26252 | Windows rndismp6.sys Remote Code Execution Vulnerability | Windows Internet Connection Sharing (ICS) | Important | 6.8 | Remote Code Execution | No | No |
| CVE-2024-26253 | Windows rndismp6.sys Remote Code Execution Vulnerability | Windows Internet Connection Sharing (ICS) | Important | 6.8 | Remote Code Execution | No | No |
| CVE-2024-26254 | Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability | Windows Virtual Machine Bus | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-26255 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Windows Remote Access Connection Manager | Important | 5.5 | Information Disclosure | No | No |
| CVE-2024-26256 | libarchive Remote Code Execution Vulnerability | Windows Compressed Folder | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2024-26172 | Windows DWM Core Library Information Disclosure Vulnerability | Windows DWM Core Library | Important | 5.5 | Information Disclosure | No | No |
| CVE-2024-26179 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-26200 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-26205 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Windows Routing and Remote Access Service (RRAS) | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-26158 | Microsoft Install Service Elevation of Privilege Vulnerability | Microsoft Install Service | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26232 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.3 | Remote Code Execution | No | No |
| CVE-2024-28920 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 7.8 | Security Feature Bypass | No | No |
| CVE-2024-28922 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 4.1 | Security Feature Bypass | No | No |
| CVE-2024-28921 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 6.7 | Security Feature Bypass | No | No |
| CVE-2024-28919 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 6.7 | Security Feature Bypass | No | No |
| CVE-2024-28923 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 6.4 | Security Feature Bypass | No | No |
| CVE-2024-28896 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 7.5 | Security Feature Bypass | No | No |
| CVE-2024-28898 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 6.3 | Security Feature Bypass | No | No |
| CVE-2024-28901 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Windows Remote Access Connection Manager | Important | 5.5 | Information Disclosure | No | No |
| CVE-2024-28902 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Windows Remote Access Connection Manager | Important | 5.5 | Information Disclosure | No | No |
| CVE-2024-28903 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 6.7 | Security Feature Bypass | No | No |
| CVE-2024-28905 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Microsoft Brokering File System | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-28906 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28908 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28909 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28910 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28911 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28912 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28913 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28914 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28915 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28929 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28931 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28932 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28936 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28939 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28942 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28945 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-29043 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-29045 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 7.5 | Remote Code Execution | No | No |
| CVE-2024-29047 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-29050 | Windows Cryptographic Services Remote Code Execution Vulnerability | Windows Cryptographic Services | Important | 8.4 | Remote Code Execution | No | No |
| CVE-2024-29063 | Azure AI Search Information Disclosure Vulnerability | Azure AI Search | Important | 7.3 | Information Disclosure | No | No |
| CVE-2024-29064 | Windows Hyper-V Denial of Service Vulnerability | Role: Windows Hyper-V | Important | 6.2 | Denial of Service | No | No |
| CVE-2024-29066 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability | Windows Distributed File System (DFS) | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2024-20685 | Azure Private 5G Core Denial of Service Vulnerability | Azure Private 5G Core | Moderate | 5.9 | Denial of Service | No | No |
| CVE-2024-23594 | Lenovo: CVE-2024-23594 Stack Buffer Overflow in LenovoBT.efi | Windows Secure Boot | Important | 6.4 | Security Feature Bypass | No | No |
| CVE-2024-29988 | SmartScreen Prompt Security Feature Bypass Vulnerability | Internet Shortcut Files | Important | 8.8 | Security Feature Bypass | No | No |
| CVE-2024-29990 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | Microsoft Azure Kubernetes Service | Important | 9 | Elevation of Privilege | No | No |
| CVE-2024-2201 | Intel: CVE-2024-2201 Branch History Injection | Intel | Important | 4.7 | Information Disclosure | No | No |
| CVE-2024-20678 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Windows Remote Procedure Call | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-20665 | BitLocker Security Feature Bypass Vulnerability | Windows BitLocker | Important | 6.1 | Security Feature Bypass | No | No |
| CVE-2024-20693 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-21322 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Microsoft Defender for IoT | Critical | 7.2 | Remote Code Execution | No | No |
| CVE-2024-21323 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Microsoft Defender for IoT | Critical | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21324 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Microsoft Defender for IoT | Important | 7.2 | Elevation of Privilege | No | No |
| CVE-2024-21447 | Windows Authentication Elevation of Privilege Vulnerability | Windows Authentication Methods | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26193 | Azure Migrate Remote Code Execution Vulnerability | Azure Migrate | Important | 6.4 | Remote Code Execution | No | No |
| CVE-2024-26168 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 6.8 | Security Feature Bypass | No | No |
| CVE-2024-26171 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 6.7 | Security Feature Bypass | No | No |
| CVE-2024-26175 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 7.8 | Security Feature Bypass | No | No |
| CVE-2024-26180 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 8 | Security Feature Bypass | No | No |
| CVE-2024-26183 | Windows Kerberos Denial of Service Vulnerability | Windows Kerberos | Important | 6.5 | Denial of Service | No | No |
| CVE-2024-26189 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 8 | Security Feature Bypass | No | No |
| CVE-2024-26194 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 7.4 | Security Feature Bypass | No | No |
| CVE-2024-26195 | DHCP Server Service Remote Code Execution Vulnerability | Windows DHCP Server | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2024-26202 | DHCP Server Service Remote Code Execution Vulnerability | Windows DHCP Server | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2024-26209 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | Windows Local Security Authority Subsystem Service (LSASS) | Important | 5.5 | Information Disclosure | No | No |
| CVE-2024-26218 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26219 | HTTP.sys Denial of Service Vulnerability | Windows HTTP.sys | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-26220 | Windows Mobile Hotspot Information Disclosure Vulnerability | Windows Mobile Hotspot | Important | 5 | Information Disclosure | No | No |
| CVE-2024-26221 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2024-26222 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2024-26223 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2024-26224 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2024-26227 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2024-26231 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2024-26233 | Windows DNS Server Remote Code Execution Vulnerability | Role: DNS Server | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2024-26241 | Win32k Elevation of Privilege Vulnerability | Windows Win32K – ICOMP | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26243 | Windows USB Print Driver Elevation of Privilege Vulnerability | Windows USB Print Driver | Important | 7 | Elevation of Privilege | No | No |
| CVE-2024-26248 | Windows Kerberos Elevation of Privilege Vulnerability | Windows Kerberos | Important | 7.5 | Elevation of Privilege | No | No |
| CVE-2024-26210 | Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-26229 | Windows CSC Service Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26234 | Proxy Driver Spoofing Vulnerability | Windows Proxy Driver | Important | 6.7 | Spoofing | Yes | Yes |
| CVE-2024-26235 | Windows Update Stack Elevation of Privilege Vulnerability | Windows Update Stack | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26236 | Windows Update Stack Elevation of Privilege Vulnerability | Windows Update Stack | Important | 7 | Elevation of Privilege | No | No |
| CVE-2024-26237 | Windows Defender Credential Guard Elevation of Privilege Vulnerability | Windows Defender Credential Guard | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26242 | Windows Telephony Server Elevation of Privilege Vulnerability | Windows Telephony Server | Important | 7 | Elevation of Privilege | No | No |
| CVE-2024-26244 | Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-26245 | Windows SMB Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26207 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Windows Remote Access Connection Manager | Important | 5.5 | Information Disclosure | No | No |
| CVE-2024-26208 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2024-26211 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Windows Remote Access Connection Manager | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26212 | DHCP Server Service Denial of Service Vulnerability | Windows DHCP Server | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-26213 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Microsoft Brokering File System | Important | 7 | Elevation of Privilege | No | No |
| CVE-2024-26214 | Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability | Microsoft WDAC ODBC Driver | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-26215 | DHCP Server Service Denial of Service Vulnerability | Windows DHCP Server | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-26216 | Windows File Server Resource Management Service Elevation of Privilege Vulnerability | Windows File Server Resource Management Service | Important | 7.3 | Elevation of Privilege | No | No |
| CVE-2024-26217 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Windows Remote Access Connection Manager | Important | 5.5 | Information Disclosure | No | No |
| CVE-2024-26226 | Windows Distributed File System (DFS) Information Disclosure Vulnerability | Windows Distributed File System (DFS) | Important | 6.5 | Information Disclosure | No | No |
| CVE-2024-26228 | Windows Cryptographic Services Security Feature Bypass Vulnerability | Windows Cryptographic Services | Important | 7.8 | Security Feature Bypass | No | No |
| CVE-2024-26230 | Windows Telephony Server Elevation of Privilege Vulnerability | Windows Remote Access Connection Manager | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26239 | Windows Telephony Server Elevation of Privilege Vulnerability | Windows Remote Access Connection Manager | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26240 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 8 | Security Feature Bypass | No | No |
| CVE-2024-26251 | Microsoft SharePoint Server Spoofing Vulnerability | Microsoft Office SharePoint | Important | 6.8 | Spoofing | No | No |
| CVE-2024-26257 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft Office Excel | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2024-28924 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 6.7 | Security Feature Bypass | No | No |
| CVE-2024-28925 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 8 | Security Feature Bypass | No | No |
| CVE-2024-28897 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 6.8 | Security Feature Bypass | No | No |
| CVE-2024-28900 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Windows Remote Access Connection Manager | Important | 5.5 | Information Disclosure | No | No |
| CVE-2024-28904 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Microsoft Brokering File System | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-28907 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Microsoft Brokering File System | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-28917 | Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability | Azure Arc | Important | 6.2 | Elevation of Privilege | No | No |
| CVE-2024-28926 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28927 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28930 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28933 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28934 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28935 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28937 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28938 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28940 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28941 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28943 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-28944 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-29044 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-29046 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-29048 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-29052 | Windows Storage Elevation of Privilege Vulnerability | Windows Storage | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-29053 | Microsoft Defender for IoT Remote Code Execution Vulnerability | Microsoft Defender for IoT | Critical | 8.8 | Remote Code Execution | No | No |
| CVE-2024-29055 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Microsoft Defender for IoT | Important | 7.2 | Elevation of Privilege | No | No |
| CVE-2024-29054 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | Microsoft Defender for IoT | Important | 7.2 | Elevation of Privilege | No | No |
| CVE-2024-29056 | Windows Authentication Elevation of Privilege Vulnerability | Windows Authentication Methods | Important | 4.3 | Elevation of Privilege | No | No |
| CVE-2024-29061 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 7.8 | Security Feature Bypass | No | No |
| CVE-2024-29062 | Secure Boot Security Feature Bypass Vulnerability | Windows Secure Boot | Important | 7.1 | Security Feature Bypass | No | No |
| CVE-2024-20670 | Outlook for Windows Spoofing Vulnerability | Microsoft Office Outlook | Important | 8.1 | Spoofing | No | No |
| CVE-2024-29982 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-29983 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-29984 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-29985 | Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-23593 | Lenovo: CVE-2024-23593 Zero Out Boot Manager and drop to UEFI Shell | Windows Secure Boot | Important | 7.8 | Security Feature Bypass | No | No |
| CVE-2024-29989 | Azure Monitor Agent Elevation of Privilege Vulnerability | Azure Monitor | Important | 8.4 | Elevation of Privilege | No | No |
| CVE-2024-29992 | Azure Identity Library for .NET Information Disclosure Vulnerability | Azure SDK | Moderate | 5.5 | Information Disclosure | No | No |
| CVE-2024-29993 | Azure CycleCloud Elevation of Privilege Vulnerability | Azure | Important | 8.8 | Elevation of Privilege | No | No |

Patch Tuesday Update - March 2024

 

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.38.0 and FVM Agent 2.5 releases.

  • Microsoft addressed 60 vulnerabilities in this release, including 2 rated as Critical and 18 Remote Code Execution vulnerabilities.

| CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
|---|---|---|---|---|---|---|---|
| CVE-2024-20671 | Microsoft Defender Security Feature Bypass Vulnerability | Windows Defender | Important | 5.5 | Security Feature Bypass | No | No |
| CVE-2024-21392 | .NET and Visual Studio Denial of Service Vulnerability | .NET | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-21411 | Skype for Consumer Remote Code Execution Vulnerability | Skype for Consumer | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21418 | Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability | Software for Open Networking in the Cloud (SONiC) | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-21421 | Azure SDK Spoofing Vulnerability | Azure SDK | Important | 7.5 | Spoofing | No | No |
| CVE-2024-21426 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft Office SharePoint | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2024-21429 | Windows USB Hub Driver Remote Code Execution Vulnerability | Windows USB Hub Driver | Important | 6.8 | Remote Code Execution | No | No |
| CVE-2024-21430 | Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability | Windows USB Serial Driver | Important | 5.7 | Remote Code Execution | No | No |
| CVE-2024-21438 | Microsoft AllJoyn API Denial of Service Vulnerability | Windows AllJoyn API | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-21439 | Windows Telephony Server Elevation of Privilege Vulnerability | Windows Telephony Server | Important | 7 | Elevation of Privilege | No | No |
| CVE-2024-21441 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21442 | Windows USB Print Driver Elevation of Privilege Vulnerability | Windows USB Print Driver | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-21443 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.3 | Elevation of Privilege | No | No |
| CVE-2024-21444 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21445 | Windows USB Print Driver Elevation of Privilege Vulnerability | Windows USB Print Driver | Important | 7 | Elevation of Privilege | No | No |
| CVE-2024-21446 | NTFS Elevation of Privilege Vulnerability | Windows NTFS | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-21450 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21451 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Microsoft WDAC ODBC Driver | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-26197 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Windows Standards-Based Storage Management Service | Important | 6.5 | Denial of Service | No | No |
| CVE-2024-26159 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Windows ODBC Driver | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-26190 | Microsoft QUIC Denial of Service Vulnerability | Microsoft QUIC | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-26198 | Microsoft Exchange Server Remote Code Execution Vulnerability | Microsoft Exchange Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-26199 | Microsoft Office Elevation of Privilege Vulnerability | Microsoft Office | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26201 | Microsoft Intune Linux Agent Elevation of Privilege Vulnerability | Microsoft Intune | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2024-26203 | Azure Data Studio Elevation of Privilege Vulnerability | Azure Data Studio | Important | 7.3 | Elevation of Privilege | No | No |
| CVE-2024-26161 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-26164 | Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability | Microsoft Django Backend for SQL Server | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21330 | Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | Open Management Infrastructure | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-21334 | Open Management Infrastructure (OMI) Remote Code Execution Vulnerability | Open Management Infrastructure | Important | 9.8 | Remote Code Execution | No | No |
| CVE-2024-21390 | Microsoft Authenticator Elevation of Privilege Vulnerability | Microsoft Authenticator | Important | 7.1 | Elevation of Privilege | No | No |
| CVE-2024-21400 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | Microsoft Azure Kubernetes Service | Important | 9 | Elevation of Privilege | No | No |
| CVE-2024-21407 | Windows Hyper-V Remote Code Execution Vulnerability | Role: Windows Hyper-V | Critical | 8.1 | Remote Code Execution | No | No |
| CVE-2024-21408 | Windows Hyper-V Denial of Service Vulnerability | Role: Windows Hyper-V | Critical | 5.5 | Denial of Service | No | No |
| CVE-2024-21419 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 7.6 | Spoofing | No | No |
| CVE-2024-21427 | Windows Kerberos Security Feature Bypass Vulnerability | Windows Kerberos | Important | 7.5 | Security Feature Bypass | No | No |
| CVE-2024-21431 | Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability | Windows Hypervisor-Protected Code Integrity | Important | 7.8 | Security Feature Bypass | No | No |
| CVE-2024-21432 | Windows Update Stack Elevation of Privilege Vulnerability | Windows Update Stack | Important | 7 | Elevation of Privilege | No | No |
| CVE-2024-21433 | Windows Print Spooler Elevation of Privilege Vulnerability | Windows Print Spooler Components | Important | 7 | Elevation of Privilege | No | No |
| CVE-2024-21434 | Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability | Microsoft Windows SCSI Class System File | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-21435 | Windows OLE Remote Code Execution Vulnerability | Windows OLE | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21436 | Windows Installer Elevation of Privilege Vulnerability | Windows Installer | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-21437 | Windows Graphics Component Elevation of Privilege Vulnerability | Microsoft Graphics Component | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-21440 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Windows ODBC Driver | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21448 | Microsoft Teams for Android Information Disclosure Vulnerability | Microsoft Teams for Android | Important | 5 | Information Disclosure | No | No |
| CVE-2024-26160 | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | Windows Cloud Files Mini Filter Driver | Important | 5.5 | Information Disclosure | No | No |
| CVE-2024-26162 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Windows ODBC Driver | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-26166 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-26169 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Windows Error Reporting | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26170 | Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability | Windows Composite Image File System | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26173 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26174 | Windows Kernel Information Disclosure Vulnerability | Windows Kernel | Important | 5.5 | Information Disclosure | No | No |
| CVE-2024-26176 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26177 | Windows Kernel Information Disclosure Vulnerability | Windows Kernel | Important | 5.5 | Information Disclosure | No | No |
| CVE-2024-26178 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26181 | Windows Kernel Denial of Service Vulnerability | Windows Kernel | Important | 5.5 | Denial of Service | No | No |
| CVE-2024-26182 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-26185 | Windows Compressed Folder Tampering Vulnerability | Windows Compressed Folder | Important | 6.5 | Tampering | No | No |
| CVE-2023-28746 | Intel: CVE-2023-28746 Register File Data Sampling (RFDS) | Intel | Important | N/A | Information Disclosure | No | No |
| CVE-2024-26204 | Outlook for Android Information Disclosure Vulnerability | Outlook for Android | Important | 7.5 | Information Disclosure | No | No |
| CVE-2024-26165 | Visual Studio Code Elevation of Privilege Vulnerability | Visual Studio Code | Important | 8.8 | Elevation of Privilege | No | No |

Patch Tuesday Update - February 2024

 

Frontline.Cloud will include the Microsoft Patch Tuesday checks in the NIRV 4.36.0 and Frontline Agent 2.4 releases.

  • Microsoft addressed 73 vulnerabilities in this release, including 5 rated as Critical and 30 Remote Code Execution vulnerabilities.
  • This release also includes fixes for CVE-2024-21351 and CVE-2024-21412 that have been exploited in the wild.
    • Internet Shortcut Files Security Feature Bypass Vulnerability (CVE-2024-21412)
      • This vulnerability requires an attacker to trick a user into executing a malicious file.
    • Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2024-21351)
      • According to Microsoft, this vulnerability could allow an attacker to inject code into Windows SmartScreen to possibly achieve code execution after tricking a user into executing a malicious file.
| CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
|---|---|---|---|---|---|---|---|
| CVE-2024-20667 | Azure DevOps Server Remote Code Execution Vulnerability | Azure DevOps | Important | 7.5 | Remote Code Execution | No | No |
| CVE-2023-50387 | MITRE: CVE-2023-50387 DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers | Role: DNS Server | Important | N/A | Denial of Service | No | No |
| CVE-2024-21327 | Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | Microsoft Dynamics | Important | 7.6 | Spoofing | No | No |
| CVE-2024-21329 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Azure Connected Machine Agent | Important | 7.3 | Elevation of Privilege | No | No |
| CVE-2024-21338 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-21340 | Windows Kernel Information Disclosure Vulnerability | Windows Kernel | Important | 4.6 | Information Disclosure | No | No |
| CVE-2024-21349 | Microsoft ActiveX Data Objects Remote Code Execution Vulnerability | Microsoft ActiveX | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21350 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21351 | Windows SmartScreen Security Feature Bypass Vulnerability | Windows SmartScreen | Moderate | 7.6 | Security Feature Bypass | Yes | No |
| CVE-2024-21352 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21354 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Windows Message Queuing | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-21357 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | Windows Internet Connection Sharing (ICS) | Critical | 7.5 | Remote Code Execution | No | No |
| CVE-2024-21358 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21360 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21361 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21366 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21369 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21371 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7 | Elevation of Privilege | No | No |
| CVE-2024-21372 | Windows OLE Remote Code Execution Vulnerability | Windows OLE | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21375 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21379 | Microsoft Word Remote Code Execution Vulnerability | Microsoft Office Word | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2024-21381 | Microsoft Azure Active Directory B2C Spoofing Vulnerability | Azure Active Directory | Important | 6.8 | Spoofing | No | No |
| CVE-2024-21386 | .NET Denial of Service Vulnerability | .NET | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-21389 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 7.6 | Spoofing | No | No |
| CVE-2024-21393 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 7.6 | Spoofing | No | No |
| CVE-2024-21394 | Dynamics 365 Field Service Spoofing Vulnerability | Microsoft Dynamics | Important | 7.6 | Spoofing | No | No |
| CVE-2024-21396 | Dynamics 365 Sales Spoofing Vulnerability | Microsoft Dynamics | Important | 7.6 | Spoofing | No | No |
| CVE-2024-21401 | Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability | Azure Active Directory | Important | 9.8 | Elevation of Privilege | No | No |
| CVE-2024-21402 | Microsoft Outlook Elevation of Privilege Vulnerability | Microsoft Office Outlook | Important | 7.1 | Elevation of Privilege | No | No |
| CVE-2024-21404 | .NET Denial of Service Vulnerability | .NET | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability | Microsoft Office | Critical | 9.8 | Remote Code Execution | No | No |
| CVE-2024-21420 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-20673 | Microsoft Office Remote Code Execution Vulnerability | Microsoft Office | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2024-20679 | Azure Stack Hub Spoofing Vulnerability | Azure Stack | Important | 6.5 | Spoofing | No | No |
| CVE-2024-21304 | Trusted Compute Base Elevation of Privilege Vulnerability | Trusted Compute Base | Important | 4.1 | Elevation of Privilege | No | No |
| CVE-2024-21315 | Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability | Microsoft Defender for Endpoint | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-20695 | Skype for Business Information Disclosure Vulnerability | Skype for Business | Important | 5.7 | Information Disclosure | No | No |
| CVE-2024-21328 | Dynamics 365 Sales Spoofing Vulnerability | Microsoft Dynamics | Important | 7.6 | Spoofing | No | No |
| CVE-2024-20684 | Windows Hyper-V Denial of Service Vulnerability | Windows Hyper-V | Critical | 6.5 | Denial of Service | No | No |
| CVE-2024-21339 | Windows USB Generic Parent Driver Remote Code Execution Vulnerability | Windows USB Serial Driver | Important | 6.4 | Remote Code Execution | No | No |
| CVE-2024-21341 | Windows Kernel Remote Code Execution Vulnerability | Windows Kernel | Important | 6.8 | Remote Code Execution | No | No |
| CVE-2024-21342 | Windows DNS Client Denial of Service Vulnerability | Role: DNS Server | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-21343 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | Windows Internet Connection Sharing (ICS) | Important | 5.9 | Denial of Service | No | No |
| CVE-2024-21344 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | Windows Internet Connection Sharing (ICS) | Important | 5.9 | Denial of Service | No | No |
| CVE-2024-21345 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 8.8 | Elevation of Privilege | No | No |
| CVE-2024-21346 | Win32k Elevation of Privilege Vulnerability | Windows Win32K – ICOMP | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-21347 | Microsoft ODBC Driver Remote Code Execution Vulnerability | SQL Server | Important | 7.5 | Remote Code Execution | No | No |
| CVE-2024-21348 | Internet Connection Sharing (ICS) Denial of Service Vulnerability | Windows Internet Connection Sharing (ICS) | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-21353 | Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability | Microsoft WDAC ODBC Driver | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21355 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Windows Message Queuing | Important | 7 | Elevation of Privilege | No | No |
| CVE-2024-21356 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Windows LDAP – Lightweight Directory Access Protocol | Important | 6.5 | Denial of Service | No | No |
| CVE-2024-21359 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21362 | Windows Kernel Security Feature Bypass Vulnerability | Windows Kernel | Important | 5.5 | Security Feature Bypass | No | No |
| CVE-2024-21363 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | Windows Message Queuing | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2024-21364 | Microsoft Azure Site Recovery Elevation of Privilege Vulnerability | Azure Site Recovery | Moderate | 9.3 | Elevation of Privilege | No | No |
| CVE-2024-21365 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21367 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21368 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21370 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21374 | Microsoft Teams for Android Information Disclosure | Microsoft Teams for Android | Important | 5 | Information Disclosure | No | No |
| CVE-2024-21376 | Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability | Microsoft Azure Kubernetes Service | Important | 9 | Remote Code Execution | No | No |
| CVE-2024-21377 | Windows DNS Information Disclosure Vulnerability | Microsoft Windows DNS | Important | 7.1 | Information Disclosure | No | No |
| CVE-2024-21378 | Microsoft Outlook Remote Code Execution Vulnerability | Microsoft Office Outlook | Important | 8 | Remote Code Execution | No | No |
| CVE-2024-21380 | Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability | Microsoft Dynamics | Critical | 8 | Information Disclosure | No | No |
| CVE-2024-21384 | Microsoft Office OneNote Remote Code Execution Vulnerability | Microsoft Office OneNote | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2024-21391 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Microsoft WDAC OLE DB provider for SQL | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21395 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 8.2 | Spoofing | No | No |
| CVE-2024-21397 | Microsoft Azure File Sync Elevation of Privilege Vulnerability | Azure File Sync | Important | 5.3 | Elevation of Privilege | No | No |
| CVE-2024-21403 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | Microsoft Azure Kubernetes Service | Important | 9 | Elevation of Privilege | No | No |
| CVE-2024-21405 | Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability | Windows Message Queuing | Important | 7 | Elevation of Privilege | No | No |
| CVE-2024-21406 | Windows Printing Service Spoofing Vulnerability | Microsoft Windows | Important | 7.5 | Spoofing | No | No |
| CVE-2024-21410 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Microsoft Exchange Server | Critical | 9.8 | Elevation of Privilege | No | No |
| CVE-2024-21412 | Internet Shortcut Files Security Feature Bypass Vulnerability | Internet Shortcut Files | Important | 8.1 | Security Feature Bypass | Yes | No |

Quickly Find and Fix Your Most At-Risk Weaknesses

Watch this demo to see how Frontline VM can help.

Patch Tuesday Update - January 2024

 

Frontline.Cloud will include the Microsoft Patch Tuesday checks in the NIRV 4.34.0 and Frontline Agent 2.3 releases.

  • Microsoft addressed 49 vulnerabilities in this release, including 2 rated as Critical and 12 Remote Code Execution vulnerabilities.
| CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
|---|---|---|---|---|---|---|---|
| CVE-2024-20666 | BitLocker Security Feature Bypass Vulnerability | Windows BitLocker | Important | 6.6 | Security Feature Bypass | No | No |
| CVE-2024-20674 | Windows Kerberos Security Feature Bypass Vulnerability | Windows Authentication Methods | Critical | 9 | Security Feature Bypass | No | No |
| CVE-2024-20677 | Microsoft Office Remote Code Execution Vulnerability | Microsoft Office | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2024-20676 | Azure Storage Mover Remote Code Execution Vulnerability | Azure Storage Mover | Important | 8 | Remote Code Execution | No | No |
| CVE-2024-20654 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Windows ODBC Driver | Important | 8 | Remote Code Execution | No | No |
| CVE-2024-20657 | Windows Group Policy Elevation of Privilege Vulnerability | Windows Group Policy | Important | 7 | Elevation of Privilege | No | No |
| CVE-2024-20658 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | Microsoft Virtual Hard Drive | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-20680 | Windows Message Queuing Client (MSMQC) Information Disclosure | Windows Message Queuing | Important | 6.5 | Information Disclosure | No | No |
| CVE-2024-20682 | Windows Cryptographic Services Remote Code Execution Vulnerability | Windows Cryptographic Services | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2024-20683 | Win32k Elevation of Privilege Vulnerability | Windows Win32K | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-20690 | Windows Nearby Sharing Spoofing Vulnerability | Windows Nearby Sharing | Important | 6.5 | Spoofing | No | No |
| CVE-2024-20691 | Windows Themes Information Disclosure Vulnerability | Windows Themes | Important | 4.7 | Information Disclosure | No | No |
| CVE-2024-20694 | Windows CoreMessaging Information Disclosure Vulnerability | Windows Collaborative Translation Framework | Important | 5.5 | Information Disclosure | No | No |
| CVE-2022-35737 | MITRE: CVE-2022-35737 SQLite allows an array-bounds overflow | SQLite | Important | N/A | Remote Code Execution | No | No |
| CVE-2024-20696 | Windows Libarchive Remote Code Execution Vulnerability | Windows Libarchive | Important | 7.3 | Remote Code Execution | No | No |
| CVE-2024-20697 | Windows Libarchive Remote Code Execution Vulnerability | Windows Libarchive | Important | 7.3 | Remote Code Execution | No | No |
| CVE-2024-20698 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-20699 | Windows Hyper-V Denial of Service Vulnerability | Windows Hyper-V | Important | 5.5 | Denial of Service | No | No |
| CVE-2024-20700 | Windows Hyper-V Remote Code Execution Vulnerability | Windows Hyper-V | Critical | 7.5 | Remote Code Execution | No | No |
| CVE-2024-21305 | Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability | Unified Extensible Firmware Interface | Important | 4.4 | Security Feature Bypass | No | No |
| CVE-2024-21307 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Desktop Client | Important | 7.5 | Remote Code Execution | No | No |
| CVE-2024-21313 | Windows TCP/IP Information Disclosure Vulnerability | Windows TCP/IP | Important | 5.3 | Information Disclosure | No | No |
| CVE-2024-21325 | Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability | Microsoft Devices | Important | N/A | Remote Code Execution | No | No |
| CVE-2024-20672 | .NET Core and Visual Studio Denial of Service Vulnerability | .NET Core & Visual Studio | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-0056 | Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability | SQL Server | Important | 8.7 | Repudiation:Security Feature Bypass | No | No |
| CVE-2024-0057 | NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability | .NET and Visual Studio | Important | 9.1 | Security Feature Bypass | No | No |
| CVE-2024-20652 | Windows HTML Platforms Security Feature Bypass Vulnerability | Windows Scripting | Important | 7.5 | Security Feature Bypass | No | No |
| CVE-2024-20653 | Microsoft Common Log File System Elevation of Privilege Vulnerability | Windows Common Log File System Driver | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-20655 | Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability | Windows Online Certificate Status Protocol (OCSP) SnapIn | Important | 6.6 | Remote Code Execution | No | No |
| CVE-2024-20656 | Visual Studio Elevation of Privilege Vulnerability | Visual Studio | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-20660 | Microsoft Message Queuing Information Disclosure Vulnerability | Windows Message Queuing | Important | 6.5 | Information Disclosure | No | No |
| CVE-2024-20661 | Microsoft Message Queuing Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-20662 | Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability | Windows Online Certificate Status Protocol (OCSP) SnapIn | Important | 4.9 | Information Disclosure | No | No |
| CVE-2024-20663 | Windows Message Queuing Client (MSMQC) Information Disclosure | Windows Message Queuing | Important | 6.5 | Information Disclosure | No | No |
| CVE-2024-20664 | Microsoft Message Queuing Information Disclosure Vulnerability | Windows Message Queuing | Important | 6.5 | Information Disclosure | No | No |
| CVE-2024-21316 | Windows Server Key Distribution Service Security Feature Bypass | Windows Server Key Distribution Service | Important | 6.1 | Security Feature Bypass | No | No |
| CVE-2024-20681 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Windows Subsystem for Linux | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-20686 | Win32k Elevation of Privilege Vulnerability | Windows Win32 Kernel Subsystem | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-20687 | Microsoft AllJoyn API Denial of Service Vulnerability | Windows AllJoyn API | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-20692 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | Windows Local Security Authority Subsystem Service (LSASS) | Important | 5.7 | Information Disclosure | No | No |
| CVE-2024-21306 | Microsoft Bluetooth Driver Spoofing Vulnerability | Microsoft Bluetooth Driver | Important | 5.7 | Spoofing | No | No |
| CVE-2024-21309 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Windows Kernel-Mode Drivers | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-21310 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Windows Cloud Files Mini Filter Driver | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2024-21311 | Windows Cryptographic Services Information Disclosure Vulnerability | Windows Cryptographic Services | Important | 5.5 | Information Disclosure | No | No |
| CVE-2024-21312 | .NET Framework Denial of Service Vulnerability | .NET Framework | Important | 7.5 | Denial of Service | No | No |
| CVE-2024-21314 | Microsoft Message Queuing Information Disclosure Vulnerability | Windows Message Queuing | Important | 6.5 | Information Disclosure | No | No |
| CVE-2024-21318 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft Office SharePoint | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2024-21319 | Microsoft Identity Denial of service vulnerability | Microsoft Identity Services | Important | 6.8 | Denial of Service | No | No |
| CVE-2024-21320 | Windows Themes Spoofing Vulnerability | Windows Themes | Important | 6.5 | Spoofing | No | No |
     


Why Some Companies Skip Vulnerability Management

 

Vulnerability Management may not be the most glamorous aspect of cybersecurity. But just like car insurance, brushing your teeth, and yearly physicals – it is absolutely vital to catching problems before it’s too late. It’s no secret that many companies struggle for resources, especially their security departments. And some unfortunately decide to skip security fundamentals that don’t include trendy buzzwords. The drawback is that bypassing these proactive basics – like vulnerability management – will virtually guarantee you will encounter problems and larger expenses down the road. It’s like the old saying – an ounce of prevention is worth a pound of cure. In this case, if you think you can’t afford or don’t have time for vulnerability management, you certainly don’t have the resources to deal with the likes of a ransomware or DDoS attack resulting in a data breach or outage.

Here are some common reasons companies give for skipping proactive security steps like vulnerability management:

“I’m too small to hack” 

Alas, there is no such company. It’s important to remember that most of the time, a cyberattack is very impersonal (read: it’s not about you). Say you have less than $100,000 in revenue. You’re still likely to be a key link in a supply chain to a bigger partner. Even if that’s not the case, it’s a fact that your employees have bank accounts, SSNs, and a network of scammable friends that malicious actors could exploit. If you have employees, then you also have personal data that is worth time and money to cyber attackers.

For example, attackers targeted an $11-billion American retail chain via its HVAC vendor. The cybercriminals assumed that the HVAC company, a link in the retail giant’s supply chain, would be an easier mark. The resulting breach cost a total of $162 million out the door.

It’s important to remember that size is relative.  A “small” consulting firm can have several multimillion-dollar clients. Companies that are smaller than Fortune 500 members can still be very lucrative targets – either themselves or via their supply chain.  Companies of all sizes must employ proactive measures like vulnerability management to protect themselves, clients, and business partners.  

Any organization should take steps to ensure it doesn’t harbor any lingering cyberhealth issues like unpatched, known vulnerabilities.

“What’s the worst that can happen?”

Well, for starters, you can go out of business. Many businesses aren’t built to weather a catastrophic data breach, so it’s best to play it safe. Remember, hope isn’t a strategy.

Through IBM’s report, we’ve learned that the average cost of a data breach this year is $4.45 million USD. The average annual revenue of a small business in the US is $53,000, and a 2021 Hiscox report found that the average cost of a cyberattack in the US was $25,612. No matter how you cut it, facing a data breach could put a lot of smaller enterprises out of business.

Larger businesses hardly fare better. While they may be able to withstand the financial cost (though who wants to), there are also the lawsuits and regulatory fines that can pile up swiftly. 

In addition, the reputational damage and loss of trust is another factor all its own. Even if the enterprise is able to stand up to the PR firestorm, fines, and residual costs, 21-43% of consumers won’t shop with a brand again once it has suffered a data breach. Plus, in the Executive Suite, more C-levels are being held personally responsible for instances of data exfiltration, cyberattack, and data privacy lapses. And it doesn’t stop at the top. One in four employees reported losing a job after making a security error that compromised the company. Proactively protecting your infrastructure by identifying and eliminating weaknesses means fewer opportunities for attacks that can fool the most vulnerable part of your company – your staff.

“We don’t have the resources” 

Every company has resources; it’s just a matter of how they are allocated and what is prioritized. If your organization’s security team is stretched onion-skin thin, there are options. Managed Security Service Providers (MSSPs) can help by acting as an extension of your internal team. They can perform vulnerability scans, prioritize the outcomes, and help you remediate. Using the right tools can make a difference as well. If your team is empowered with a modern VM solution that is easy to use, provides risk-based prioritization, and offers intuitive reporting, they will be able to manage vulnerabilities and report on security efforts efficiently, optimizing the use of your scarce IT resources.

Vulnerability scanning is like insurance. You hate paying the premiums, but if something happens, you never say “I wish I had my $367 a month back so I could instead pay $15,000 out of pocket.”  Similarly, the relatively low costs of a vulnerability scanning solution, or the MSSP that will provide it, are negligible when compared with the fact they can help you avoid compliance fines, sidestep a PR disaster, keep your data, and ultimately stay in business.  

“I’m afraid of what we’ll find” 

It’s the ostrich with its head in the sand syndrome. Fear of the results – and an attitude of incredulity when it comes to the next steps – stops many a good company from taking proactive measures. In today’s threat climate, plausible deniability is not an excuse. Companies are liable under a number of standards (GDPR, HIPAA, SOX, CCPA, and more) and fines and penalties can now be assigned to executives and those deemed responsible, either for their actions or inactions. Vulnerability management is a small price to pay for job security and the chance to keep your reputation intact.  

“We’ve got XYZ technology already – we’ve got it covered”  

Two decades ago, it was firewalls. Then next-generation firewalls. Then Network Detection and Response, DDoS, and a host of anything with heuristics and behavioral-driven detection. And those are all great. They’re just all reactive, and only helpful after an attack has occurred. None of them can do what vulnerability management can.  

You need defense-in-depth. There is no sense in arming a battleship but neglecting to test for water leaks. You’re putting your resources at risk and undermining the whole operation by not completing the fundamental safety measures. Attackers will find your weakest link – and they will look for the path of least resistance first.  

“We’re not even sure what to do” 

This is understandable. Vulnerability scans can reveal a host of opportunities to shore up defenses, and without the right guidance, the task can seem insurmountable. This is where an outsourced vulnerability management program can help.  

We know what to do. We know what you’re looking at, and how you should prioritize, and even how to get it done. We can help. By meeting with you on a monthly, weekly, or even bi-weekly basis we can help establish your VM program and the next steps that will make this a palatable, sustainable part of your cybersecurity toolbox. And it will save you a lot of trouble down the road. 

“We don’t want to interrupt operations” 

A lot of companies are afraid that regular vulnerability scans will interrupt the flow of operations. If they’re done right, they won’t have to. And there’s no interruption greater than the cyberattack that can result from failing to do so in the first place. It’s like saying you’re too busy to stop for gas; once the tank is empty, you’ll have plenty of time to wait.  

“We only scan the important stuff” 

A partway solution we’ve seen (which is really no solution at all) is companies scanning only their “vital” assets, or Crown Jewels. They rationalize that this saves time, money, and resources, without realizing that it actually wastes the good they’ve done by leaving glaring holes open somewhere else. For example, servers and payment systems will get scanned while employee items like personal PCs, mobile devices, and laptops get left out. When an attacker cases your company, those easy-to-breach, often ignored spots are the first place they’ll go. If an employee has downloaded a personal app or service and uses the same device for work, that undiscovered asset becomes Shadow IT that the SOC cannot protect.

Attackers don’t care how they get into the network. In an attempted attack earlier this year on a security firm, attackers exploited the personal email of a new employee in order to pivot further into the network and exfiltrate data. The attempt was ultimately unsuccessful, but the lesson is sobering. While we’re looking high, they’re looking low in terms of technical sophistication and difficulty. It’s time to start thinking like an attacker and proactively locking all the doors and plugging all the leaks. Complete and consistent vulnerability management is the cornerstone of this strategy.

“We did that last year” 

That brings us to another point. Vulnerability management is no more one-and-done than going to the gym, annual check-ups, or eating. They have to be done often to have any effect. Most organizations are evolving, with changing infrastructures and endpoints. It’s likely your infrastructure will not look the same from one month to the next. Once-a-year vulnerability scans are too infrequent to protect a moving target. Attack vectors and methods continue to evolve as well, unearthing new weaknesses all the time. According to the National Vulnerability Database, there are upwards of about 2,000 new CVEs discovered every month. And each new service, app, or piece of technology comes with code that can likely have its own vulnerabilities as well. That’s a lot to keep track of, so accurate risk-based prioritization and management of vulnerabilities is essential.

Being Proactive with Vulnerability Management 

Ultimately, a security strategy that is solely reactive is only half of a strategy.  Proactively identifying weaknesses before they are exploited can avoid a huge, costly debacle down the road.  Vulnerability Management may not be the sexiest thing in cybersecurity, but it is the foundation on which your strategy should be built.  

Modern VM Solutions 

Choosing a modern vulnerability management solution will save you time, headaches, and most likely data in the years to come.  Fortra Vulnerability Management  helps you get the ball rolling on your VM strategy and keep it rolling. More than a one-time fix, it’s a long-term solution that helps you identify, classify, and prioritize vulnerabilities on an ongoing basis. Stay ahead of vulnerabilities, old and new, and set your team up for proactive success in the years to come. 

Additional benefits include: 

  • Less set up. Fortra VM is quick to stand up and easy to use, shortening your time-to-value.  
  • Simplified action steps. Fortra VM provides easy-to-understand, on-demand reports, giving you all the information you need to take action, and in the right priority.
  • Expert support to help you. You don’t have to go it alone. Our superior support staff of dedicated customer advocates are here to lend an extra hand, offer expertise, and extend guidance.  

Choose the Right VM Option For Your Organization

Every company has different cybersecurity needs and standard vulnerability management may not be enough.
Get The Case for Enterprise-Grade, Risk-Based Vulnerability Management guide and see how essential risk-based VM can be to your company.

Patch Tuesday Update - September 2023

 

In today’s Microsoft Security Update, Microsoft addressed 59 vulnerabilities, including five rated as Critical.

  • This release also includes three republished non-Microsoft CVEs to address issues in Microsoft Edge (Chromium-based), Visual Studio Code, and 3D Viewer.
  • Two of the CVEs fixed in this month’s release are also being exploited in the wild.
    • CVE-2023-36802
      • A privilege escalation vulnerability in the Microsoft Streaming Service Proxy could allow an attacker to gain SYSTEM privileges on the affected system.
    • CVE-2023-36761
      • This information disclosure vulnerability in Microsoft Word could result in the disclosure of NTLM hashes.
| CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
|---|---|---|---|---|---|---|---|
| CVE-2023-35355 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Windows Cloud Files Mini Filter Driver | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-38162 | DHCP Server Service Denial of Service Vulnerability | Windows DHCP Server | Important | 7.5 | Denial of Service | No | No |
| CVE-2023-38161 | Windows GDI Elevation of Privilege Vulnerability | Windows GDI | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-38156 | Azure HDInsight Apache Ambari Elevation of Privilege Vulnerability | Azure HDInsights | Important | 7.2 | Elevation of Privilege | No | No |
| CVE-2023-38152 | DHCP Server Service Information Disclosure Vulnerability | Windows DHCP Server | Important | 5.3 | Information Disclosure | No | No |
| CVE-2023-38150 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-38149 | Windows TCP/IP Denial of Service Vulnerability | Windows TCP/IP | Important | 7.5 | Denial of Service | No | No |
| CVE-2023-38148 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | Windows Internet Connection Sharing (ICS) | Critical | 8.8 | Remote Code Execution | No | No |
| CVE-2023-38147 | Windows Miracast Wireless Display Remote Code Execution Vulnerability | Microsoft Windows Codecs Library | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2023-38146 | Windows Themes Remote Code Execution Vulnerability | Windows Themes | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2023-38144 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Windows Common Log File System Driver | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-38143 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Windows Common Log File System Driver | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-38142 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-38141 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-38140 | Windows Kernel Information Disclosure Vulnerability | Windows Kernel | Important | 5.5 | Information Disclosure | No | No |
| CVE-2023-38139 | Windows Kernel Elevation of Privilege Vulnerability | Windows Kernel | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-36805 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Windows Scripting | Important | 7 | Security Feature Bypass | No | No |
| CVE-2023-36804 | Windows GDI Elevation of Privilege Vulnerability | Windows GDI | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-36803 | Windows Kernel Information Disclosure Vulnerability | Windows Kernel | Important | 5.5 | Information Disclosure | No | No |
| CVE-2023-36802 | Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability | Microsoft Streaming Service | Important | 7.8 | Elevation of Privilege | Yes | No |
| CVE-2023-36801 | DHCP Server Service Information Disclosure Vulnerability | Windows DHCP Server | Important | 5.3 | Information Disclosure | No | No |
| CVE-2023-36767 | Microsoft Office Security Feature Bypass Vulnerability | Microsoft Office | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2023-36766 | Microsoft Excel Information Disclosure Vulnerability | Microsoft Office Excel | Important | 7.8 | Information Disclosure | No | No |
| CVE-2023-36765 | Microsoft Office Elevation of Privilege Vulnerability | Microsoft Office | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-36759 | Visual Studio Elevation of Privilege Vulnerability | Visual Studio | Important | 6.7 | Elevation of Privilege | No | No |
| CVE-2023-36758 | Visual Studio Elevation of Privilege Vulnerability | Visual Studio | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2023-36757 | Microsoft Exchange Server Spoofing Vulnerability | Microsoft Exchange Server | Important | 8 | Spoofing | No | No |
| CVE-2023-36756 | Microsoft Exchange Server Remote Code Execution Vulnerability | Microsoft Exchange Server | Important | 8 | Remote Code Execution | No | No |
| CVE-2023-36745 | Microsoft Exchange Server Remote Code Execution Vulnerability | Microsoft Exchange Server | Important | 8 | Remote Code Execution | No | No |
| CVE-2023-36744 | Microsoft Exchange Server Remote Code Execution Vulnerability | Microsoft Exchange Server | Important | 8 | Remote Code Execution | No | No |
| CVE-2023-36742 | Visual Studio Code Remote Code Execution Vulnerability | Visual Studio Code | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2023-36736 | Microsoft Identity Linux Broker Remote Code Execution Vulnerability | Microsoft Identity Linux Broker | Important | 4.4 | Remote Code Execution | No | No |
| CVE-2023-41764 | Microsoft Office Spoofing Vulnerability | Microsoft Office | Moderate | 5.5 | Spoofing | No | No |
| CVE-2022-41303 | AutoDesk: CVE-2022-41303 use-after-free vulnerability in Autodesk® FBX® SDK 2020 or prior | 3D Viewer | Important | N/A | Remote Code Execution | No | No |
| CVE-2023-29332 | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | Microsoft Azure Kubernetes Service | Critical | 7.5 | Elevation of Privilege | No | No |
| CVE-2023-33136 | Azure DevOps Server Remote Code Execution Vulnerability | Azure DevOps | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2023-36886 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 7.6 | Spoofing | No | No |
| CVE-2023-38164 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Microsoft Dynamics | Important | 7.6 | Spoofing | No | No |
| CVE-2023-38163 | Windows Defender Attack Surface Reduction Security Feature Bypass | Windows Defender | Important | 7.8 | Security Feature Bypass | No | No |
| CVE-2023-38160 | Windows TCP/IP Information Disclosure Vulnerability | Windows TCP/IP | Important | 5.5 | Information Disclosure | No | No |
| CVE-2023-38155 | Azure DevOps Server Remote Code Execution Vulnerability | Azure DevOps | Important | 7 | Elevation of Privilege | No | No |
| CVE-2023-36800 | Dynamics Finance and Operations Cross-site Scripting Vulnerability | Microsoft Dynamics Finance & Operations | Important | 7.6 | Spoofing | No | No |
| CVE-2023-36799 | .NET Core and Visual Studio Denial of Service Vulnerability | .NET Core & Visual Studio | Important | 6.5 | Denial of Service | No | No |
| CVE-2023-36796 | Visual Studio Remote Code Execution Vulnerability | .NET and Visual Studio | Important/Critical | 7.8 | Remote Code Execution | No | No |
CVE-2023-36794Visual Studio Remote Code Execution Vulnerability.NET and Visual StudioImportant7.8Remote Code ExecutionNoNo
CVE-2023-36793Visual Studio Remote Code Execution Vulnerability.NET and Visual StudioImportant/Critical7.8Remote Code ExecutionNoNo
CVE-2023-36792Visual Studio Remote Code Execution Vulnerability.NET and Visual StudioImportant/Critical7.8Remote Code ExecutionNoNo
CVE-2023-36788.NET Framework Remote Code Execution Vulnerability.NET FrameworkImportant7.8Remote Code ExecutionNoNo
CVE-2023-36777Microsoft Exchange Server Information Disclosure VulnerabilityMicrosoft Exchange ServerImportant5.7Information DisclosureNoNo
CVE-2023-367733D Builder Remote Code Execution Vulnerability3D BuilderImportant7.8Remote Code ExecutionNoNo
CVE-2023-367723D Builder Remote Code Execution Vulnerability3D BuilderImportant7.8Remote Code ExecutionNoNo
CVE-2023-367713D Builder Remote Code Execution Vulnerability3D BuilderImportant7.8Remote Code ExecutionNoNo
CVE-2023-367703D Builder Remote Code Execution Vulnerability3D BuilderImportant7.8Remote Code ExecutionNoNo
CVE-2023-36764Microsoft SharePoint Server Elevation of Privilege VulnerabilityMicrosoft Office SharePointImportant8.8Elevation of PrivilegeNoNo
CVE-2023-36763Microsoft Outlook Information Disclosure VulnerabilityMicrosoft Office OutlookImportant7.5Information DisclosureNoNo
CVE-2023-36762Microsoft Word Remote Code Execution VulnerabilityMicrosoft Office WordImportant7.3Remote Code ExecutionNoNo
CVE-2023-36761Microsoft Word Information Disclosure VulnerabilityMicrosoft Office WordImportant6.2Information DisclosureYesYes
CVE-2023-367603D Viewer Remote Code Execution Vulnerability3D ViewerImportant7.8Remote Code ExecutionNoNo
CVE-2023-39956Electron: CVE-2023-39956 -Visual Studio Code Remote Code Execution VulnerabilityVisual Studio CodeImportantN/ARemote Code ExecutionNoNo
CVE-2023-367403D Viewer Remote Code Execution Vulnerability3D ViewerImportant7.8Remote Code ExecutionNoNo
CVE-2023-367393D Viewer Remote Code Execution Vulnerability3D ViewerImportant7.8Remote Code ExecutionNoNo
CVE-2023-4863Chromium: CVE-2023-4863 Heap buffer overflow in WebPMicrosoft Edge (Chromium-based) N/A   

Cybersecurity Heats Up in the Summer

When school is out for summer, it seems like everyone is on vacation – everyone except your (un)friendly neighborhood cybercriminals.

Something about the summer months puts us off our guard and threat actors on high alert. The only way to stay safe is to know what’s causing the trouble in the first place. We’ve packed our sunscreen – now read on to find out how to make sure your security also doesn’t get burned.

Summer Cybersecurity Weaknesses to Look Out For

  1. Holidays mean lower staff counts | Summer is the time for family vacations, trips abroad, and lower rates of qualified cybersecurity personnel on duty. Additionally, temporary staff may not have had the same security awareness training and may therefore be more susceptible to phishing emails, insecure file transfers, and other unsafe practices. Threat actors can take advantage of this natural deficiency, leading to potentially increased risks of phishing and slower response times on urgent alerts. Together, these make for a bad combination.
  2. Servers can’t beat the heat | Everyone knows that a hot server is a slow server. An overheated server can severely malfunction or even crash, leaving companies not only potentially incapacitated, but also vulnerable. As heat waves are increasingly taking down data centers, the potential cybersecurity risks such incidents pose are becoming clear. Hastily bringing a server back online could actually compound the problem, accidentally opening more avenues of attack by failing to take the proper precautions and set it up right. And, if companies reduce operations to prevent servers from getting too hot, such measures may have the unintended consequence of increasing risk to the enterprise.
  3. Vacation means poolside public WiFi | Just because remote work allows you to work from anywhere doesn’t mean it’s safe to connect everywhere. Public WiFi is not the place to log in and check a quick work email – even for a minute. It only takes a moment for the right threat actor to infect your device with malware, snoop for confidential data, or hijack your session. It’s annoying when it happens to your Gmail account. It’s detrimental when it happens to your Microsoft Outlook work account. An attacker may scan sensitive information, download your contacts, and pivot to others within your organization. On top of that, vacation is a time when those who do find time to work are often distracted and may be more careless about what they’re opening. And the threats are out there: Business Email Compromise (BEC) resulted in $2.7 billion in losses in 2022.

Protecting Your Organization All Year Long

No one wants to come back from a week off to find an IT disaster waiting for them. Here are some tips to stay safe:

  1. Vulnerability Scanning | Never fly blind when it comes to your network, especially when you’re out of the office. These scans can be scheduled and automated, making it easy to keep an eye on things, even with staff outages. These scans provide the foundation for any subsequent security efforts – you can’t fix what you can’t see.
  2. Pen Testing | Pen testing is great for making sure your systems are as good-to-go as you think they are. Pen tests can not only exploit and prioritize vulnerabilities but can also make you aware of misconfigurations – like if that server got back online too quickly and left the enterprise exposed. You don’t want to go on vacation with systems unpatched, and pen testing on a regular basis can help your team take a proactive – not reactive – approach to security.
  3. Red Team Exercises | Make sure your security team is prepared by putting them to the test. Red teaming doesn’t just assess defenses, it also helps train the blue team. Facing down real-world threat tactics goes beyond even the preparation of knowing what to patch. It tests their security nervous system, anticipates how well they will do under pressure, and seasons them so if the worst happens while the team is short-staffed everyone will still know what to do.
  4. Use a VPN | You never know where your adventures might lead, or how tempted you might be to fall for public WiFi when your data runs out in a strange city. For instance, the FBI has explicitly warned against cell-charging kiosks, stating that “Cybersecurity experts warn that bad actors can load malware onto public USB charging stations to maliciously access electronic devices while they are being charged.” It’s safer to make a habit of using a VPN – either for personal or work use – every time you log in. Cybercriminals are working when you’re not, and every in is a potential liability.
  5. Make social engineering tests a must | All a threat actor needs is one weak link. You can prepare team members with a phishing campaign that tests how they react to malicious emails they might encounter. This can help identify who is susceptible and in need of additional training on how to stay safe and spot suspicious activity. You never know who might be up late, checking emails in a hotel room while on vacation – off their guard and susceptible to click bait, ransomware-infested text links and other phishing emails.

The Best Defense is a Good Offense

Cybercriminals don’t sleep, and neither do we. The best defense is a good offense and Fortra’s Core Security has solutions to prepare your organization to stay sharp during the summer months and beyond.

Core Impact, Core Security’s flagship penetration testing tool, can integrate with top vulnerability scanners like beSECURE to maximize the impact of both. Adversary simulations and red team operations can be run with the help of Cobalt Strike and Outflank Security Tooling (OST), two powerful red teaming solutions ideal for deploying sophisticated adversary simulations. Best of all, these solutions can be bundled together so you can cost-effectively accelerate your offensive security strategy.

If we’re not careful, we can get burned by more than just the sun this summer. Secure your enterprise with Core Security’s lineup of offensive security solutions and enjoy your time off.
