{"id":8528,"date":"2021-10-11T18:28:15","date_gmt":"2021-10-12T01:28:15","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&#038;p=8528"},"modified":"2023-03-03T14:10:02","modified_gmt":"2023-03-03T21:10:02","slug":"september-2021-patch-watch-digest","status":"publish","type":"patch_watch","link":"https:\/\/webdev.securin.xyz\/patch_watch\/september-2021-patch-watch-digest\/","title":{"rendered":"September 2021: Patch Watch Digest"},"content":{"rendered":"<h2 dir=\"ltr\"><img decoding=\"async\" style=\"width: 800px; height: 353px;\" src=\"\/wp-content\/uploads\/2021\/06\/patch-watch-1-17.png\" alt=\"\" \/><\/h2>\n<h2 dir=\"ltr\"><strong>Highlights of September Digest<\/strong><\/h2>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"#Weaponized Vulnerabilities\">49 vendors released security patches for 816 vulnerabilities, including 79 CVEs with known exploits.<\/a><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"#CISA Alerts\">20 vulnerabilities that were patched in September had been red-flagged by CISA.<\/a><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"#Old CVEs\">192 old vulnerabilities have been patched.<\/a><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"#Microsoft Patches\">Microsoft fixed 60 bugs, including 2 zero days.<\/a><\/p>\n<\/li>\n<\/ul>\n<h2 dir=\"ltr\"><a id=\"Weaponized Vulnerabilities\" name=\"Weaponized Vulnerabilities\"><\/a><strong>Weaponized Vulnerabilities<\/strong><\/h2>\n<p dir=\"ltr\">We have 79 vulnerabilities that are known exploits. Here is our analysis \u2013<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">5 CVEs are associated with ransomware strains that include Atom Silo, Maze, and Cring.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">4 CVEs are linked to APT 1.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">9 Malware groups (OceanSalt, Auriga, Bangat, BISCUIT, MAPIGET, TARSIP, SEASALT,\u00a0 KURTON, and HELAUTO) are correlated to 3 CVEs.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">19 CVEs are classified as Remote Code Execution.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">10 CVEs have Privilege Escalation capabilities.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">5 CVEs with Cross-Site Scripting flaws.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">21 CVEs are linked to Denial of Service.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">19 CVEs fall into other categories.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">18 CVEs are rated critical and 35 are of high severity.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Of these 79 weaponized CVEs, two are alerted by CISA.<\/p>\n<\/li>\n<\/ul>\n<p><a href=\"#Airtable\">Click here for our analysis and download patches.<\/a><\/p>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 550px; height: 338px;\" src=\"\/wp-content\/uploads\/2021\/06\/patch-watch-5-2.png\" alt=\"\" \/><\/p>\n<p dir=\"ltr\"><strong>CSW Alerts<\/strong><\/p>\n<p>Our <a href=\"https:\/\/cybersecurityworks.com\/resources\/cyber-risk-series\/cyber-risk-in-working-remotely.html\">Cyber Risk Series<\/a> and <a href=\"https:\/\/cybersecurityworks.com\/blog\/\">CSW blogs<\/a> have highlighted the vulnerabilities <a href=\"https:\/\/cybersecurityworks.com\/blog\/vulnerabilities\/how-to-detect-cve-2021-34527.html\">CVE-2021-34527<\/a>, <a href=\"https:\/\/cybersecurityworks.com\/blog\/vulnerabilities\/google-trends-most-searched-top-10-vulnerabilities-in-2020.html\">CVE-2020-0549<\/a>, <a href=\"https:\/\/cybersecurityworks.com\/blog\/vulnerabilities\/google-trends-most-searched-top-10-vulnerabilities-in-2020.html\">CVE-2020-2555,<\/a> <a href=\"https:\/\/cybersecurityworks.com\/blog\/cyber-risk\/could-googles-most-searched-top-10-vulnerabilities-in-2020-be-key-attack-indicators.html\">CVE-2020-13935<\/a>, and <a href=\"https:\/\/cybersecurityworks.com\/blog\/cyber-risk\/could-googles-most-searched-top-10-vulnerabilities-in-2020-be-key-attack-indicators.html\">CVE-2020-9484<\/a> which were all fixed this September. All of these vulnerabilities should be patched as soon as possible with the latest security patches.<\/p>\n<h2 dir=\"ltr\"><a name=\"Old CVEs\"><\/a><strong>Old Vulnerabilities<\/strong><\/h2>\n<p dir=\"ltr\">192 old vulnerabilities have been fixed by vendors, ranging from the year 2010 to 2020.<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">4 CVEs are associated with ransomware strains that include Maze and Cring.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">3 CVEs are linked to APT 1.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">9 Malware groups (OceanSalt, Auriga, Bangat, BISCUIT, MAPIGET, TARSIP, SEASALT,\u00a0 KURTON, and\u00a0 HELAUTO) are correlated to 3 CVEs.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">2 CVEs are featured by CISA.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Of these, 36 CVEs have known exploits.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">4 CVEs with Privilege Escalation.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">4 CVEs are Remote Code Execution bugs.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">27 CVEs are rated critical and 101 are of high severity.<\/p>\n<\/li>\n<\/ul>\n<p><img decoding=\"async\" style=\"width: 550px; height: 426px;\" src=\"\/wp-content\/uploads\/2021\/06\/patch-watch-2-18.png\" alt=\"\" \/><\/p>\n<p dir=\"ltr\"><a href=\"#Airtable\">Click here for our analysis and download patches.<\/a><\/p>\n<h2 dir=\"ltr\"><a id=\"Microsoft Patches\" name=\"Microsoft Patches\"><\/a><strong>Microsoft September Patches 2021<\/strong><\/h2>\n<p>Microsoft plugged 60 vulnerabilities including 2 zero-days. Of these 60 CVEs,\u00a0 the remote code execution vulnerability in Windows MSHTML, CVE-2021-40444, is being actively exploited by threat actors using phishing attacks. We recommend Microsoft users to address these vulnerabilities as top priority.<\/p>\n<p dir=\"ltr\">\u00a0<img decoding=\"async\" style=\"width: 550px; height: 466px;\" src=\"\/wp-content\/uploads\/2021\/06\/patch-watch-3-12.png\" alt=\"\" \/><\/p>\n<p dir=\"ltr\"><a href=\"https:\/\/cybersecurityworks.com\/patchwatch\/csw-patch-watch\/september-microsoft-patches-60-security-vulnerabilities.html\">Check out our Microsoft patch watch edition here<\/a>.<\/p>\n<h2 dir=\"ltr\"><a id=\"CISA Alerts\" name=\"CISA Alerts\"><\/a><strong>CISA Alerts<\/strong><\/h2>\n<p>CISA has issued alerts for 20 vulnerabilities, including 2 publicly-known exploits.<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">1 CVE is associated with Atom Silo.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">2 CVE is classified as a Remote Code Execution bug.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">5 CVEs are rated critical and 13 are of high severity.<\/p>\n<\/li>\n<\/ul>\n<p dir=\"ltr\" role=\"presentation\"><a href=\"#Airtable\">Click here for our analysis and download patches.<\/a><\/p>\n<p><img decoding=\"async\" style=\"width: 550px; height: 443px;\" src=\"\/wp-content\/uploads\/2021\/06\/patch-watch-4-10.png\" alt=\"\" \/><\/p>\n<p><a id=\"Airtable\" name=\"Airtable\"><\/a><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shrzvDXPn2qlqZOjy?backgroundColor=purple&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<p dir=\"ltr\"><strong>Table: Security Patches for September\u00a02021<\/strong><\/p>\n<p dir=\"ltr\">With organizations becoming more vulnerable to cyberattacks, security teams find it difficult to prioritize vulnerabilities and patching due to time constraints. According to <a href=\"https:\/\/www.ivanti.com\/resources\/v\/doc\/datasheets\/ivi-2634-patch-management-challenges\">Ivanti<\/a>, 53% of organizations say that organizing and prioritizing critical vulnerabilities takes up most of their time. Therefore, it is important for organizations to find ways to accelerate patch deployment and remediation actions and stay abreast of potential attacks.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Highlights of September Digest 49 vendors released security patches for 816 vulnerabilities, including 79 CVEs with known exploits. 20 vulnerabilities that were patched in September had been red-flagged by CISA. 192 old vulnerabilities have been patched. Microsoft fixed 60 bugs, including 2 zero days. Weaponized Vulnerabilities We have 79 vulnerabilities that are known exploits. Here [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":14443,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"patch_category":[288],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_watch\/8528"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_watch"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/patch_watch"}],"author":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/users\/1"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/14443"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=8528"}],"wp:term":[{"taxonomy":"patch_category","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_category?post=8528"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}