Software vulnerabilities are an unfortunate part of working with technology. A developer puts out a software release with millions of lines of code. Then, hackers look for loopholes that allow them to breach a system through that code.

The developer issues a patch to fix the vulnerability but it’s not long before a new feature update causes more. It’s like a game of “whack-a-mole” to keep your systems secure.

Keeping up with new vulnerabilities is one of the top priorities of IT management firms. It’s important to know which software and operating systems are being attacked.

Without ongoing patch and update management, company networks remain vulnerable to attacks that are completely avoidable. 82% of U.S. cyberattacks in Q1 of 2022 were due to exploiting patchable vulnerabilities.

What new vulnerabilities are lurking in products from Microsoft, Google, Adobe, and others? We’ll go through several. These were recently noted in a warning by the Cybersecurity and Infrastructure Security Agency (CISA).

 

Make Sure to Patch Any of These Vulnerabilities in Your Systems

 

Microsoft Vulnerabilities

Microsoft vulnerabilities include those in three of its products. Internet Explorer (IE) is one of them. Microsoft discontinued IE in June of 2022. You should remove this from any computers that still have it installed.

You’ll see the acronym “CVE” used in the vulnerability names. This is an industry-standard naming structure. It stands for Common Vulnerabilities and Exposures.

Here is a rundown of these vulnerabilities and what a hacker can do:

  • CVE-2012-4969: This Internet Explorer vulnerability allows the remote execution of code. This is a “critical” vulnerability because of the damage it enables. Hackers can release this via a website. Thus, formerly safe sites can become phishing sites when hackers exploit this loophole.
  • CVE-2013-1331: This is a flaw in the code for Microsoft Office 2003 and Office 2011 for Mac. It is a buffer overflow vulnerability that enables hackers to launch remote attacks and execute dangerous code remotely.
  • CVE-2012-0151: This issue impacts the Authenticode Signature Verification function of Windows. It allows user-assisted attackers to execute remote code on a system. “User-assisted” means that they need the user to assist in the attack, such as by opening a malicious file attachment in a phishing email.

 

Google Vulnerabilities

Google Chrome and applications built using Google’s Chromium V8 Engine are also on the list. These applications are targets of the following vulnerabilities.

  • CVE-2016-1646 & CVE-2016-518: These both allow attackers to conduct denial of service attacks. They do this against websites through remote control. This means they can flood a site with so much traffic that it crashes.
  • Those aren’t the only two code flaws that allow hackers to crash sites this way. CVE-2018-17463 and CVE-2017-5070 are two others that both do the same thing. Like all these others, they both have patches already issued that users can install to fix these holes.

 

Adobe Vulnerabilities

People use Adobe Acrobat Reader widely to share documents. It makes it easy to share them across different platforms and operating systems. But it’s also a tool that’s on this list of popular vulnerabilities. 

  • CVE-2009-4324: This is a flaw in Acrobat Reader that allows hackers to execute remote code via a PDF file. This is why you can’t trust that a PDF attachment is going to be safer than other file types. Remember this when receiving unfamiliar emails.
  • CVE-2010-1297: This is a memory corruption vulnerability. It allows remote execution and denial of service attacks through Adobe Flash Player. Like IE, the developer retired Flash Player. It no longer receives support or security updates. You should uninstall this from all PCs and websites.

Netgear Vulnerability

Netgear is a popular brand of wireless router. The company also sells other internet-connected devices. These are also vulnerable, due to the following flaws. 

  • CVE-2017-6862: This flaw allows a hacker to execute code remotely. It also enables bypassing any needed password authentication. It’s present in many different Netgear products.

 

Cisco Vulnerability

  • CVE-2019-15271: This is a vulnerability in the buffer overflow process of Cisco RV series routers. It gives a hacker “root” privileges. This means they can basically do anything with your device and execute any code they like.

 

Patch & Update Regularly!

These are a few of the security vulnerabilities listed on the CISA list. You can see all 36 that were added here.

How do you keep your network safe from these and other vulnerabilities?  You should patch and update regularly. Work with a trusted IT professional to manage your device and software updates. This ensures you don’t have a breach waiting to happen lurking in your network.

 

Automate Your Cybersecurity Today

Patch and update management is just one way that we can automate your cybersecurity. Contact us today at 716-373-4467 x 115, info@databranch.com or fill out the form below to learn how else we can help by scheduling a consultation today. 

 

Article used with permission from The Technology Press.

Benjamin Franklin once said, “An ounce of prevention is worth a pound of cure.” This age old advice is easily applied to the digital world we live in today. Computers, applications and networks are under constant attack by hackers who are extremely motivated by big financial gains.

An effective patch and vulnerability management program has the ability to stop most hackers dead in their tracks. It greatly reduces the risk associated with the exploitation of a neglected or un-patched computer system.

Year after year, we learn that the vast majority of successful cyber-attacks have exploited unpatched computers and / or unpatched applications. What is even more interesting is that most of the patches for these compromised systems had been available to install for months, if not years prior to the cyber-attack.

There is no doubt that the combination of routine vulnerability scanning and the timely installation of system patches will make it much more difficult for a hacker to compromise your computer systems and information.

Here are 7 steps to help you build an effective patch and vulnerability management program:

Inventory Systems and Applications

Before we attempt to patch computers, operating systems and applications, we first must know of their existence. It is important to maintain an inventory of all computing assets. If possible, use inventory software to assist with the task but at the least, make sure the inventory is completed using manual means.

Monitor for Vulnerabilities

Vendors will release patches at regular intervals as new vulnerabilities are discovered. You must know when new patches are available to install; otherwise, you risk not installing patches in a timely manner, or not installing them at all. Good mechanisms to use for monitoring vulnerabilities include a combination of:

  1. Checking the vendor website and subscribing to its mailing list
  2. Regular vulnerability scanning
  3. Checking vulnerability databases, such as the National Vulnerability Database
  4. Relying on an enterprise patch management tool.

Selecting Patches to Apply

Deciding which patches are ultimately installed is typically based on the criticality of the patch, the importance of the system being patched, the resources required to install the patch and assurance of post-install system functionality. It is good practice to install, at a minimum, all “Critical” and “Security” patches.

Testing

Prior to installing patches in production, it is important to install them in a test or non-production computing environment. This will assure that the installation of the patch will not cause any adverse outages or system disruption when it is ultimately installed in a production computer environment.

Verify Backup

Despite the testing efforts completed in the previous section, it is still conceivable that the installation of a patch will create unanticipated issues or outages. For this reason, it is important that you verify the system or application being patched has a recent data backup that can easily be restored if needed.

Automate Patching

The National Institute of Standards and Technology (NIST) recommends that patch installation should be automated using enterprise patch management tools or alternative options. Manually installing patches is expensive and inconsistent. Where possible, be sure that systems are automatically updated according to your patch management program parameters.

Verify Installation

The installation of a patch should always be confirmed by either re-scanning the system with a vulnerability scanner and / or reviewing log files.
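
The inventory, monitoring, selection and verification steps above can be tied together in a short script. This is an added example, not code from either article: the feed entries use the field names of CISA's Known Exploited Vulnerabilities JSON catalog, the CVE IDs and products are the ones named above, and the hosts, criticality scores, due dates and name-based product matching are assumptions made for illustration.

```python
from datetime import date

# Constructed feed entries in the field layout of CISA's Known Exploited
# Vulnerabilities JSON catalog. CVE IDs and products are the ones named in the
# articles above; the dueDate values are invented for this example.
KEV_FEED = [
    {"cveID": "CVE-2012-4969", "vendorProject": "Microsoft", "product": "Internet Explorer", "dueDate": "2022-06-22"},
    {"cveID": "CVE-2010-1297", "vendorProject": "Adobe", "product": "Flash Player", "dueDate": "2022-06-22"},
    {"cveID": "CVE-2019-15271", "vendorProject": "Cisco", "product": "RV Series Routers", "dueDate": "2022-06-22"},
]

# Constructed asset inventory (step 1): criticality 3 = most important system.
INVENTORY = [
    {"host": "front-desk-pc", "vendor": "Microsoft", "product": "Internet Explorer", "criticality": 1},
    {"host": "edge-router", "vendor": "Cisco", "product": "RV Series Routers", "criticality": 3},
    {"host": "design-ws", "vendor": "Adobe", "product": "Flash Player", "criticality": 2},
    {"host": "file-server", "vendor": "Microsoft", "product": "Windows Server", "criticality": 3},
]

# Products the articles describe as retired: no patch will arrive, so remove.
RETIRED = {("microsoft", "internet explorer"), ("adobe", "flash player")}

def _key(vendor, product):
    return (vendor.strip().lower(), product.strip().lower())

def build_patch_plan(inventory, feed, today):
    """Match inventory to the feed (monitoring) and rank the work (selection)."""
    by_product = {}
    for entry in feed:
        by_product.setdefault(_key(entry["vendorProject"], entry["product"]), []).append(entry)
    plan = []
    for asset in inventory:
        k = _key(asset["vendor"], asset["product"])
        for entry in by_product.get(k, []):
            due = date.fromisoformat(entry["dueDate"])
            plan.append({
                "host": asset["host"],
                "cve": entry["cveID"],
                "action": "remove" if k in RETIRED else "patch",
                "overdue_days": max((today - due).days, 0),
                "criticality": asset["criticality"],
            })
    # Most critical systems first, then the longest-overdue items.
    plan.sort(key=lambda p: (-p["criticality"], -p["overdue_days"], p["host"]))
    return plan

def unresolved(plan, rescan_findings):
    """Verification: plan items a post-patch re-scan still reports."""
    return [p for p in plan if (p["host"], p["cve"]) in rescan_findings]
```

Matching on vendor and product names is the simplest possible join; a production inventory would normally match on scanner output or CPE identifiers instead.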

Patching Equals Prevention 

All Databranch Comprehensive Care and Foundation Security clients have scheduled automatic patching and Windows updates on their devices. To learn more about how we can help take this off your IT plate, call 716-373-4467 x 15, email info@databranch.com or visit us here to learn more.


Article courtesy of CyberStone.