September 2021: Patch Watch Digest

Highlights of September Digest

• 49 vendors released security patches for 816 vulnerabilities, including 79 CVEs with known exploits.

• 20 vulnerabilities that were patched in September had been red-flagged by CISA.

• 192 old vulnerabilities have been patched.

• Microsoft fixed 60 bugs, including 2 zero days.

Weaponized Vulnerabilities

We have 79 vulnerabilities that are known exploits. Here is our analysis –

• 5 CVEs are associated with ransomware strains that include Atom Silo, Maze, and Cring.

• 4 CVEs are linked to APT 1.

• 9 Malware groups (OceanSalt, Auriga, Bangat, BISCUIT, MAPIGET, TARSIP, SEASALT,  KURTON, and HELAUTO) are correlated to 3 CVEs.

• 19 CVEs are classified as Remote Code Execution.

• 10 CVEs have Privilege Escalation capabilities.

• 5 CVEs with Cross-Site Scripting flaws.

• 21 CVEs are linked to Denial of Service.

• 19 CVEs fall into other categories.

• 18 CVEs are rated critical and 35 are of high severity.

• Of these 79 weaponized CVEs, two are alerted by CISA.

Click here for our analysis and download patches.

CSW Alerts

Our Cyber Risk Series and CSW blogs have highlighted the vulnerabilities CVE-2021-34527, CVE-2020-0549, CVE-2020-2555, CVE-2020-13935, and CVE-2020-9484 which were all fixed this September. All of these vulnerabilities should be patched as soon as possible with the latest security patches.

Old Vulnerabilities

192 old vulnerabilities have been fixed by vendors, ranging from the year 2010 to 2020.

• 4 CVEs are associated with ransomware strains that include Maze and Cring.

• 3 CVEs are linked to APT 1.

• 9 Malware groups (OceanSalt, Auriga, Bangat, BISCUIT, MAPIGET, TARSIP, SEASALT,  KURTON, and  HELAUTO) are correlated to 3 CVEs.

• 2 CVEs are featured by CISA.

• Of these, 36 CVEs have known exploits.

• 4 CVEs with Privilege Escalation.

• 4 CVEs are Remote Code Execution bugs.

• 27 CVEs are rated critical and 101 are of high severity.

Click here for our analysis and download patches.

Microsoft September Patches 2021

Microsoft plugged 60 vulnerabilities including 2 zero-days. Of these 60 CVEs,  the remote code execution vulnerability in Windows MSHTML, CVE-2021-40444, is being actively exploited by threat actors using phishing attacks. We recommend Microsoft users to address these vulnerabilities as top priority.

Check out our Microsoft patch watch edition here.

CISA Alerts

CISA has issued alerts for 20 vulnerabilities, including 2 publicly-known exploits.

• 1 CVE is associated with Atom Silo.

• 2 CVE is classified as a Remote Code Execution bug.

• 5 CVEs are rated critical and 13 are of high severity.

Click here for our analysis and download patches.

Table: Security Patches for September 2021

With organizations becoming more vulnerable to cyberattacks, security teams find it difficult to prioritize vulnerabilities and patching due to time constraints. According to Ivanti, 53% of organizations say that organizing and prioritizing critical vulnerabilities takes up most of their time. Therefore, it is important for organizations to find ways to accelerate patch deployment and remediation actions and stay abreast of potential attacks.