{"id":8591,"date":"2021-09-14T04:39:53","date_gmt":"2021-09-14T11:39:53","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&#038;p=8591"},"modified":"2023-03-07T15:28:27","modified_gmt":"2023-03-07T22:28:27","slug":"august-2021-patch-watch-digest","status":"publish","type":"patch_watch","link":"https:\/\/webdev.securin.xyz\/patch_watch\/august-2021-patch-watch-digest\/","title":{"rendered":"August 2021: Patch Watch Digest"},"content":{"rendered":"<h2 dir=\"ltr\">Highlights of August Digest<\/h2>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">43 vendors released security patches for 1178 vulnerabilities, including 195 CVEs with known exploits.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">49 vulnerabilities that were patched in August\u00a0had been red-flagged by CISA.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">449 old vulnerabilities have been patched.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Microsoft fixed 44 bugs, including 3 zero days.<\/p>\n<\/li>\n<\/ul>\n<h2 dir=\"ltr\"><img decoding=\"async\" style=\"width: 800px; height: 354px;\" src=\"\/wp-content\/uploads\/2015\/11\/patch-watch-1-11.png\" alt=\"\" \/><\/h2>\n<h2 dir=\"ltr\">Weaponized Vulnerabilities<\/h2>\n<p>We have 195 vulnerabilities that are known exploits. Here is our analysis \u2013<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">4 CVEs are associated with ransomware strains that include Maze, Clop, and Sodinokibi.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">4 CVEs are linked to APT 1, APT 10,\u00a0 TA505,\u00a0 FIN11, Carbanak, and Pinchy Spider.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">9 Malware groups (OceanSalt, Auriga, Bangat, BISCUIT, MAPIGET, TARSIP, SEASALT,\u00a0 KURTON, and HELAUTO) are correlated to 2 CVEs.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">34 CVEs are classified as Remote Code Execution.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">32 CVEs have Privilege Escalation capabilities.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">8 CVEs with Cross-Site Scripting flaws.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">31 CVEs are linked to Denial of Service.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">90 CVEs fall into other categories.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Of these 195 weaponized CVEs, three are alerted by CISA.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">48 CVEs are rated critical and 92 are of high severity.<\/p>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><img decoding=\"async\" class=\"aligncenter\" style=\"width: 550px; height: 338px;\" src=\"\/wp-content\/uploads\/2015\/11\/patch-watch-2-14.png\" alt=\"\" \/><\/p>\n<h2 dir=\"ltr\">Securin Alerts<\/h2>\n<p>Our Cyber Risk Series and articles\u00a0have highlighted the vulnerabilities <a href=\"https:\/\/cybersecurityworks.com\/blog\/vulnerabilities\/top-25-exploited-vulnerabilities-by-chinese-sponsored-hackers.html\">CVE-2020-1472<\/a>, <a href=\"https:\/\/cybersecurityworks.com\/blog\/vulnerabilities\/how-to-detect-cve-2021-34527.html\">CVE-2021-34527<\/a>, <a href=\"https:\/\/cybersecurityworks.com\/blog\/vulnerabilities\/google-trends-most-searched-top-10-vulnerabilities-in-2020.html\">CVE-2020-0549<\/a>, <a href=\"https:\/\/cybersecurityworks.com\/blog\/vulnerabilities\/google-trends-most-searched-top-10-vulnerabilities-in-2020.html\">CVE-2020-2555,<\/a> <a href=\"https:\/\/cybersecurityworks.com\/blog\/cyber-risk\/could-googles-most-searched-top-10-vulnerabilities-in-2020-be-key-attack-indicators.html\">CVE-2020-13935<\/a>, and <a href=\"https:\/\/cybersecurityworks.com\/blog\/cyber-risk\/could-googles-most-searched-top-10-vulnerabilities-in-2020-be-key-attack-indicators.html\">CVE-2020-9484<\/a> which were all fixed this August. All of these vulnerabilities should be patched as soon as possible with the latest security patches.<\/p>\n<h2><strong><a id=\"Old CVEs\" name=\"Old CVEs\"><\/a>Old Vulnerabilities<\/strong><\/h2>\n<p dir=\"ltr\">449 Old vulnerabilities have been fixed by vendors, ranging from the year 2002 to 2020.<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">4 CVEs are associated with ransomware strains that include Maze, Clop, and Sodinokibi.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">4 CVEs are linked to APT 1, APT 10,\u00a0 TA505,\u00a0 FIN11, Carbanak, and Pinchy Spider.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">9 Malware groups (OceanSalt, Auriga, Bangat, BISCUIT, MAPIGET, TARSIP, SEASALT,\u00a0 KURTON, and\u00a0 HELAUTO) are correlated to 2 CVEs.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">15 CVEs are featured by CISA.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Of these, 88 CVEs have known exploits.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">11 CVEs with Privilege Escalation.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">11 CVEs are Remote Code Execution bugs.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">67 CVEs are rated critical and 229 are of high severity.<\/p>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><img decoding=\"async\" class=\"aligncenter\" style=\"width: 550px; height: 426px;\" src=\"\/wp-content\/uploads\/2015\/11\/patch-watch-3-7.png\" alt=\"\" \/><\/p>\n<h2 dir=\"ltr\"><a id=\"Microsoft CVEs\" name=\"Microsoft CVEs\"><\/a><strong>Microsoft August Patches 2021<\/strong><\/h2>\n<p>Microsoft plugged 44 vulnerabilities including 3 zero-days. Of these 44 CVEs, \u00a0<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-36942\">CVE-2021-36942<\/a> <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-36942\">(PetitPotam)<\/a> in Windows Update Medic Service with Elevation of Privilege have publicly available PoC and remain vulnerable to active exploitation. We recommend Microsoft users to address the\u00a0 NTLM problem as top priority.<\/p>\n<h2 dir=\"ltr\"><\/h2>\n<h2 dir=\"ltr\"><a id=\"CISA Alerts\" name=\"CISA Alerts\"><\/a><strong>CISA Alerts<\/strong><\/h2>\n<p dir=\"ltr\">CISA has issued alerts for 49 vulnerabilities, including 3 publicly-known exploits.<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">3 CVEs are associated with LockFile, Magniber and ViceSociety Ransomware.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">1 CVE is classified as a Remote Code Execution bug.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">1 CVE with Privilege Escalation.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">12 CVEs are rated critical and 9 are of high severity.<\/p>\n<\/li>\n<\/ul>\n<p dir=\"ltr\" role=\"presentation\">\n<p><img decoding=\"async\" class=\"aligncenter\" style=\"width: 550px; height: 496px;\" src=\"\/wp-content\/uploads\/2015\/11\/patch-watch-4-7.png\" alt=\"\" \/><\/p>\n<p><a id=\"Airtable\" name=\"Airtable\"><\/a><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shr17U0ghelAdmp90?backgroundColor=purple&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<p dir=\"ltr\"><strong>Table: Security Patches for August 2021<\/strong><\/p>\n<p>According to <a href=\"https:\/\/usa.kaspersky.com\/about\/press-releases\/2021_kaspersky-finds-patch-management-combined-with-robust-password-policies-reduces-the-risk-of-cyberattacks-to-businesses-by-up-to-60\">Kaspersky report<\/a>, exploits against systems with unpatched vulnerabilities were the second most prevalent initial attack vector in 2020. Hence, strong patch management and password management procedures will prevent the majority of security problems.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Highlights of August Digest 43 vendors released security patches for 1178 vulnerabilities, including 195 CVEs with known exploits. 49 vulnerabilities that were patched in August\u00a0had been red-flagged by CISA. 449 old vulnerabilities have been patched. Microsoft fixed 44 bugs, including 3 zero days. Weaponized Vulnerabilities We have 195 vulnerabilities that are known exploits. Here is [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":14443,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"patch_category":[288],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_watch\/8591"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_watch"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/patch_watch"}],"author":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/users\/1"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/14443"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=8591"}],"wp:term":[{"taxonomy":"patch_category","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_category?post=8591"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}