{"id":8642,"date":"2021-07-13T05:46:01","date_gmt":"2021-07-13T12:46:01","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&#038;p=8642"},"modified":"2023-03-03T14:34:12","modified_gmt":"2023-03-03T21:34:12","slug":"june-30-csw-patch-watch-security-updates-1","status":"publish","type":"patch_watch","link":"https:\/\/webdev.securin.xyz\/patch_watch\/june-30-csw-patch-watch-security-updates-1\/","title":{"rendered":"June 30: CSW Patch Watch &#038; Security Updates"},"content":{"rendered":"<h2 dir=\"ltr\"><img decoding=\"async\" style=\"width: 800px; height: 491px;\" src=\"\/wp-content\/uploads\/2015\/11\/patch-watch-1-1.png\" alt=\"\" \/><\/h2>\n<h2 dir=\"ltr\"><strong>Highlights of Patch Watch Issue 16<\/strong><\/h2>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"#Weaponized Vulnerabilities\">13 vendors released security patches for 436 vulnerabilities, including 112 CVEs with known exploits.<\/a><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"#Old CVEs\">325 old vulnerabilities have been patched.<\/a><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"#CISA Alerts\">3 vulnerabilities that got patched this month are red-flagged by CISA.<\/a><\/p>\n<\/li>\n<\/ul>\n<h2><strong><a id=\"Weaponized Vulnerabilities\" name=\"Weaponized Vulnerabilities\"><\/a>Weaponized Vulnerabilities<\/strong><\/h2>\n<p dir=\"ltr\">We have 112 vulnerabilities that are known exploits. Here is our analysis \u2013<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">37 CVEs are RCE bugs.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">17 CVEs with Privilege Escalation capabilities.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">25 CVEs linked to Denial of Service.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">13 CVEs are rated critical, 53 are high, and 40 are of medium severity.<\/p>\n<\/li>\n<\/ul>\n<p><a href=\"#Patches\">Click here for our analysis and download patches.<\/a><\/p>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 550px; height: 338px;\" src=\"\/wp-content\/uploads\/2015\/11\/patch-watch-2-1.png\" alt=\"\" \/><\/p>\n<h2 dir=\"ltr\"><strong><a id=\"Old CVEs\" name=\"Old CVEs\"><\/a>Old Vulnerabilities<\/strong><\/h2>\n<p dir=\"ltr\">324 Old vulnerabilities have been fixed, ranging from the year 2014 to 2020.<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">Of these, 95 CVEs have known exploits.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">12 CVEs with Privilege Escalation.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">31 CVEs are classified as RCE bugs.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">42 CVEs are rated critical and 129 are of high severity.<\/p>\n<\/li>\n<\/ul>\n<p><a href=\"#Patches\">Click here for our analysis and download patches.<\/a><\/p>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 550px; height: 463px;\" src=\"\/wp-content\/uploads\/2015\/11\/patch-watch-3.png\" alt=\"\" \/><\/p>\n<h2 dir=\"ltr\"><strong><a id=\"CISA Alerts\" name=\"CISA Alerts\"><\/a>CISA Alerts<\/strong><\/h2>\n<p>CISA has issued an alert for 3 vulnerabilities including CVE-2021-27274 that leads to Unrestricted Upload of File with Dangerous Type (CWE &#8211; 434) &#8211; classified under the <a href=\"https:\/\/cwe.mitre.org\/top25\/archive\/2020\/2020_cwe_top25.html\">Top 15 Most Dangerous Software Weaknesses<\/a>. Of these, one is rated critical and two of medium severity.<\/p>\n<p dir=\"ltr\"><a href=\"#Patches\">Click here for our analysis and download patches.<\/a><\/p>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 550px; height: 504px;\" src=\"\/wp-content\/uploads\/2015\/11\/patch-watch-4.png\" alt=\"\" \/><\/p>\n<p><a id=\"Patches\" name=\"Patches\"><\/a><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shrIbMqJRQ6tMkmGt?backgroundColor=purple&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<p dir=\"ltr\"><strong>Table: Security Patches\u00a0<\/strong><\/p>\n<p dir=\"ltr\">Cyberattacks aren\u2019t easy to avoid. However, the future focus should be on internal systems and procedures, rather than external security risks and issues that the organization cannot control. Organizations should make sure that vulnerabilities are minimized by appropriately managing patch management and updates.<\/p>\n<p dir=\"ltr\">CSW\u2019s Patch Watch helps organizations and their overworked security teams patch the most critical vulnerabilities and improve their security posture.\u00a0 <a href=\"https:\/\/cybersecurityworks.com\/patchwatch\/\">Get on our mailing list for more information about emerging threats.<\/a><\/p>\n<p dir=\"ltr\">\n<p dir=\"ltr\" style=\"text-align: center;\"><span style=\"font-size: 18px;\"><strong>Protect your organization from exposure and breach. We can help shrink your attack surface.<\/strong><\/span><\/p>\n<h3 dir=\"ltr\" style=\"text-align: center;\"><span style=\"font-size: 18px;\"><strong>\u00a0<a href=\"https:\/\/cybersecurityworks.com\/get-quote.php\">Talk to us.<\/a><\/strong><\/span><\/h3>\n<p dir=\"ltr\" style=\"text-align: center;\">\n","protected":false},"excerpt":{"rendered":"<p>Highlights of Patch Watch Issue 16 13 vendors released security patches for 436 vulnerabilities, including 112 CVEs with known exploits. 325 old vulnerabilities have been patched. 3 vulnerabilities that got patched this month are red-flagged by CISA. Weaponized Vulnerabilities We have 112 vulnerabilities that are known exploits. Here is our analysis \u2013 37 CVEs are [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":14453,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"patch_category":[],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_watch\/8642"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_watch"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/patch_watch"}],"author":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/users\/1"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/14453"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=8642"}],"wp:term":[{"taxonomy":"patch_category","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_category?post=8642"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}