{"id":8696,"date":"2021-04-16T06:57:19","date_gmt":"2021-04-16T13:57:19","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&#038;p=8696"},"modified":"2023-03-03T14:36:22","modified_gmt":"2023-03-03T21:36:22","slug":"march-10-csw-patch-watch-security-updates","status":"publish","type":"patch_watch","link":"https:\/\/webdev.securin.xyz\/patch_watch\/march-10-csw-patch-watch-security-updates\/","title":{"rendered":"March 10: CSW Patch Watch &#038; Security Updates"},"content":{"rendered":"<h2 dir=\"ltr\"><img decoding=\"async\" style=\"width: 800px; height: 373px;\" src=\"\/wp-content\/uploads\/2015\/11\/highlights-of-patch-watch-issue-11.png\" alt=\"\" \/><\/h2>\n<h2 dir=\"ltr\"><strong>Highlights of Patch Watch Issue 11<\/strong><\/h2>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"#Weaponized\">16 vendors released security patches for 566 vulnerabilities, including 45 CVEs with known exploits.<\/a><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"#Old CVEs\">14 vulnerabilities that got patched in March are red flagged by\u00a0 CISA.<\/a><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"#Old CVEs\">323 old vulnerabilities have been patched.<\/a><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"#Microsoft\">Microsoft fixed 89 bugs this month.<\/a><\/p>\n<\/li>\n<\/ul>\n<h2 dir=\"ltr\"><a id=\"Weaponized\" name=\"Weaponized\"><\/a><strong>Weaponized Vulnerabilities<\/strong><\/h2>\n<p dir=\"ltr\">We have 46 vulnerabilities that are known exploits. Here is our analysis \u2013<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">2 CVEs are targeted by 10 APT Groups, Dear Cry ransomware, and PlugX and ShadowPad malware.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">5 CVEs are associated with RCE and PE respectively.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">10 CVEs are linked to Denial of Service.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">16 CVEs are rated high and 24 CVEs are of medium severity.<\/p>\n<\/li>\n<\/ul>\n<p dir=\"ltr\"><a href=\"#Airtable\">Click here for our analysis and download patches.<\/a><\/p>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 550px; height: 338px;\" src=\"\/wp-content\/uploads\/2015\/11\/weaponized-vulnerabilities-4.png\" alt=\"\" \/><\/p>\n<h2 dir=\"ltr\"><a id=\"Old CVEs\" name=\"Old CVEs\"><\/a><strong>Old Vulnerabilities<\/strong><\/h2>\n<p dir=\"ltr\">323 Old vulnerabilities have been fixed ranging from the year 2010 to 2020.<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">3 CVEs are associated with RansomEXX and BitPaymer ransomware.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">4 CVEs have featured in CISA Alerts.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">36 old vulnerabilities are already weaponized and have known exploits<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">2 CVEs are RCE bugs and 2 CVEs have Privilege Escalation capabilities.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">61 CVEs are rated high and 217 are of medium severity.<\/p>\n<\/li>\n<\/ul>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 550px; height: 410px;\" src=\"\/wp-content\/uploads\/2015\/11\/old-vulnerabilities-1.png\" alt=\"\" \/><\/p>\n<p dir=\"ltr\"><a href=\"#Airtable\">Click here for our analysis and download patches.<\/a><\/p>\n<h2 dir=\"ltr\"><a id=\"Microsoft\" name=\"Microsoft\"><\/a><strong>Microsoft March Patches 2021<\/strong><\/h2>\n<p dir=\"ltr\">Microsoft issued patches for 89 security vulnerabilities, including two zero-day vulnerabilities (CVE-2021-26411 &amp; CVE-2021-27077) in Internet Explorer and Windows.<\/p>\n<p dir=\"ltr\"><a href=\"https:\/\/cybersecurityworks.com\/patchwatch\/csw-patch-watch\/march-microsoft-patches-89-security-vulnerabilities.html\" rel=\"unfollow\">Check out our Microsoft patch edition for more findings.<\/a><\/p>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 550px; height: 400px;\" src=\" \/wp-content\/uploads\/2015\/11\/microsoft-march-patches-2021.png\" alt=\"\" \/><\/p>\n<h2 dir=\"ltr\"><a id=\"CISA\" name=\"CISA\"><\/a><strong>CISA Alerts<\/strong><\/h2>\n<p dir=\"ltr\">CISA has issued an alert for 14 vulnerabilities.<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">2 CVEs have known exploits with RCE bugs.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">5 CVEs are rated high and 2 are of medium severity.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">4 CVEs are associated with 10 APT Groups, 2 malware, and DearCry ransomware.<\/p>\n<\/li>\n<\/ul>\n<p><img decoding=\"async\" style=\"width: 550px;\" src=\" \/wp-content\/uploads\/2015\/11\/cisa-alerts-1.png\" alt=\"\" \/><\/p>\n<p dir=\"ltr\"><a href=\"#Airtable\">Click here for our analysis and download patches.<\/a><\/p>\n<p><a name=\"Airtable\"><\/a><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shrVMEh3aD1cRQARZ?backgroundColor=green&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<h5 dir=\"ltr\"><strong>Table<\/strong>:<strong>\u00a0Security\u00a0Patches March 2021<\/strong><\/h5>\n<p dir=\"ltr\">According to a <a href=\"https:\/\/securityintelligence.com\/articles\/cybersecurity-trends-and-emerging-threats-2021\/\" rel=\"unfollow\">survey<\/a>, one in four cyber attacks that were remediated in 2020 were\u00a0linked to ransomware. We know that security teams are\u00a0inundated with patches and they have to race against time to reduce their attack surface. CSW&#8217;s Patchwatch is a good starting point for these security teams. Subscribe to our newsletter for regular updates.<\/p>\n<p>&nbsp;<\/p>\n<p dir=\"ltr\" style=\"text-align: center;\"><span style=\"font-size: 20px;\"><strong>Concerned about a cyber-attack?<br \/>\nWant to know more about Vulnerability Management as a Service.\u00a0<\/strong><strong><a href=\"https:\/\/cybersecurityworks.com\/get-quote.php\">Talk to us<\/a>.<\/strong><\/span><\/p>\n<p dir=\"ltr\" style=\"text-align: center;\">\n<p dir=\"ltr\" style=\"text-align: center;\">\n","protected":false},"excerpt":{"rendered":"<p>Highlights of Patch Watch Issue 11 16 vendors released security patches for 566 vulnerabilities, including 45 CVEs with known exploits. 14 vulnerabilities that got patched in March are red flagged by\u00a0 CISA. 323 old vulnerabilities have been patched. Microsoft fixed 89 bugs this month. Weaponized Vulnerabilities We have 46 vulnerabilities that are known exploits. Here [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":14453,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"patch_category":[],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_watch\/8696"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_watch"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/patch_watch"}],"author":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/users\/1"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/14453"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=8696"}],"wp:term":[{"taxonomy":"patch_category","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_category?post=8696"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}