August 2021: Patch Watch Digest

Highlights of August Digest

  • 43 vendors released security patches for 1178 vulnerabilities, including 195 CVEs with known exploits.

  • 49 vulnerabilities that were patched in August had been red-flagged by CISA.

  • 449 old vulnerabilities have been patched.

  • Microsoft fixed 44 bugs, including 3 zero days.

Weaponized Vulnerabilities

Of the vulnerabilities patched this month, 195 have known exploits. Here is our analysis:

  • 4 CVEs are associated with ransomware strains that include Maze, Clop, and Sodinokibi.

  • 4 CVEs are linked to APT 1, APT 10, TA505, FIN11, Carbanak, and Pinchy Spider.

  • 9 Malware groups (OceanSalt, Auriga, Bangat, BISCUIT, MAPIGET, TARSIP, SEASALT, KURTON, and HELAUTO) are correlated to 2 CVEs.

  • 34 CVEs are classified as Remote Code Execution.

  • 32 CVEs have Privilege Escalation capabilities.

  • 8 CVEs are Cross-Site Scripting flaws.

  • 31 CVEs are linked to Denial of Service.

  • 90 CVEs fall into other categories.

  • Of these 195 weaponized CVEs, three have been flagged in CISA alerts.

  • 48 CVEs are rated critical and 92 are of high severity.

 

Securin Alerts

Our Cyber Risk Series and articles have highlighted the vulnerabilities CVE-2020-1472, CVE-2021-34527, CVE-2020-0549, CVE-2020-2555, CVE-2020-13935, and CVE-2020-9484, all of which were fixed this August. Apply the latest security patches for all of these vulnerabilities as soon as possible.

Old Vulnerabilities

Vendors have fixed 449 old vulnerabilities, dating from 2002 to 2020.

  • 4 CVEs are associated with ransomware strains that include Maze, Clop, and Sodinokibi.

  • 4 CVEs are linked to APT 1, APT 10, TA505, FIN11, Carbanak, and Pinchy Spider.

  • 9 Malware groups (OceanSalt, Auriga, Bangat, BISCUIT, MAPIGET, TARSIP, SEASALT, KURTON, and HELAUTO) are correlated to 2 CVEs.

  • 15 CVEs are featured by CISA.

  • Of these, 88 CVEs have known exploits.

  • 11 CVEs have Privilege Escalation capabilities.

  • 11 CVEs are Remote Code Execution bugs.

  • 67 CVEs are rated critical and 229 are of high severity.

 

Microsoft August Patches 2021

Microsoft plugged 44 vulnerabilities, including 3 zero-days. Of these 44 CVEs, CVE-2021-36942 (PetitPotam) in Windows Update Medic Service with Elevation of Privilege have publicly available PoC and remain vulnerable to active exploitation. We recommend that Microsoft users address the NTLM problem as a top priority.

CISA Alerts

CISA has issued alerts for 49 vulnerabilities, including 3 with publicly known exploits.

  • 3 CVEs are associated with LockFile, Magniber and ViceSociety Ransomware.

  • 1 CVE is classified as a Remote Code Execution bug.

  • 1 CVE has Privilege Escalation capabilities.

  • 12 CVEs are rated critical and 9 are of high severity.

Table: Security Patches for August 2021

According to a Kaspersky report, exploits against systems with unpatched vulnerabilities were the second most prevalent initial attack vector in 2020. Hence, strong patch management and password management procedures will prevent the majority of security problems.
