Highlights of Patch Watch Issue 9
-
12 vendors including Apple, Cisco, Citrix, Adobe, Mozilla, Qnap, HP, Checkpoint, RedHat, and others, have released security updates for 367 vulnerabilities
-
CISA has issued a security alert for 14 vulnerabilities
-
30 CVEs have known exploits
-
101 old vulnerabilities have been patched
-
30 CVEs have publicly known exploits
-
337 are yet to be weaponized
-
CISA has issued warning alerts for 3 vulnerabilities
-
2 CVEs with Remote Code Execution
-
1 CVE with Privilege Escalation and local exploit
-
19 CVEs are associated with Web App exploits
-
6 CVEs are linked with Denial of Service
-
14 CVEs are rated high and 15 CVEs of medium severity
-
11 CVEs have known exploits
-
4 CVEs have been issued an alert by CISA
-
Of these, 12 CVEs are critical, 8 are high, and 76 of medium severity
Ransomware detections have been more dominant in countries with higher numbers of internet-connected populations. The United States ranks highest, with 18.2% of all ransomware attacks. Therefore, it is essential to fix the old vulnerabilities at the earliest as it opens doors to a high rate of ransomware attacks.
-
CISA has issued an alert for 14 vulnerabilities. Out of these, 1 CVE is rated critical, 1 with high and 6 of medium severity.
Table: Vulnerability Patches
Hundreds of patches are released each month for many popular products. Prioritizing the patches based on dangerous exploits, CISA alerts, ransomware & APT group associations will help Security teams fix vulnerabilities that could be potentially used by threat actors.