{"id":8715,"date":"2021-02-12T10:29:36","date_gmt":"2021-02-12T17:29:36","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&#038;p=8715"},"modified":"2023-03-03T14:28:18","modified_gmt":"2023-03-03T21:28:18","slug":"january-2021-patch-watch-digest","status":"publish","type":"patch_watch","link":"https:\/\/10.42.32.162\/patch_watch\/january-2021-patch-watch-digest\/","title":{"rendered":"January 2021: Patch Watch Digest"},"content":{"rendered":"<h2 dir=\"ltr\"><img decoding=\"async\" style=\"width: 800px; height: 370px;\" src=\"\/wp-content\/uploads\/2015\/11\/highlight-option-01-1.png\" alt=\"\" \/><\/h2>\n<h2 dir=\"ltr\"><span style=\"font-size: 20px;\"><strong><span style=\"font-family: verdana,geneva,sans-serif;\">Highlights of January Digest<\/span><\/strong><\/span><\/h2>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><a href=\"#Known Exploits\"><span style=\"font-family: verdana,geneva,sans-serif;\">20 vendors released security updates for 1086 vulnerabilities. 18 CVEs had publicly known exploits.\u00a0<\/span><\/a><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><a href=\"#CISA Alerts\"><span style=\"font-family: verdana,geneva,sans-serif;\">49 vulnerabilities that got patched featured in CISA alerts.\u00a0<\/span><\/a><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><a href=\"#Old CVEs\"><span style=\"font-family: verdana,geneva,sans-serif;\">669 old vulnerabilities have been patched.<\/span><\/a><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><a href=\"#Microsoft Patches\"><span style=\"font-family: verdana,geneva,sans-serif;\">Microsoft put out patches for 83 vulnerabilities.<\/span><\/a><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><a href=\"#Oracle Patches\"><span style=\"font-family: verdana,geneva,sans-serif;\">Oracle rolled out security patches for 329 vulnerabilities.<\/span><\/a><\/span><\/p>\n<\/li>\n<\/ul>\n<h2 dir=\"ltr\"><span style=\"font-size: 20px;\"><strong><a id=\"Known Exploits\" name=\"Known Exploits\"><\/a><span style=\"font-family: verdana,geneva,sans-serif;\">Weaponized Vulnerabilities<\/span><\/strong><\/span><\/h2>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">We have 18 vulnerabilities that are publicly known exploits, with 6 CVEs rated critical, 7 are high, and 5 of medium. Here is our analysis \u2013<\/span><\/span><\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">2 CVEs are linked with 3 ransomware families.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">2 CVEs are associated with APT Groups.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">6 CVEs are associated with RCE bug.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">2 CVEs were alerted by CISA.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">5 CVEs are webapp exploits.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">3 CVEs with Denial of Service.\u00a0<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">3 CVEs are local exploits.<\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 14px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><img decoding=\"async\" style=\"width: 500px; height: 307px;\" src=\"\/wp-content\/uploads\/2022\/10\/weaponized-vulnerabilities-7.png\" alt=\"\" \/><\/span><\/span><\/p>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><a href=\"#Airtable\">Click here for our analysis and download patches<span style=\"font-family: verdana,geneva,sans-serif;\">.<\/span><\/a><\/span><\/p>\n<h2 dir=\"ltr\"><span style=\"font-size: 20px;\"><strong><a id=\"Microsoft Patches\" name=\"Microsoft Patches\"><\/a><span style=\"font-family: verdana,geneva,sans-serif;\">Microsoft Patches for January 2021<\/span><\/strong><\/span><\/h2>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">Microsoft released security patches for 83 vulnerabilities.<\/span><\/span><\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">10 CVEs are rated critical and 73 are high.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">CVE-2021-1647 is a zero-day exploit with RCE capabilities.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">This vulnerability existed within the Microsoft Malware Protection Engine version 1.1.17700.4 or later, a core component of Microsoft Defender that addresses malicious software.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">Microsoft also patched a publicly disclosed\u00a0Microsoft splwow64 Elevation of Privilege vulnerability tracked as\u00a0CVE-2021-1648, which was previously disclosed by Google Project Zero\u00a0in September 2020 under CVE-2020-0986.<\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<p dir=\"ltr\"><span style=\"font-family: verdana,geneva,sans-serif;\"><img decoding=\"async\" style=\"width: 500px; height: 386px;\" src=\"https:\/\/lh4.googleusercontent.com\/rIAFcXZO3YxeRmVda18QLDdH8h3cX3mXLZed-2gMfjA5-TdHZjNHxH7Nh9SCK0qOLXIPfJ2Z1uqcgmSB4-P16Mqk8IKnQIiL8Auvu85dBCSTyEl8viSbhmf50vRhG708MK4T_T8\" \/><\/span><\/p>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><a href=\"#Airtable\">Click here for our analysis and download patches<span style=\"font-family: verdana,geneva,sans-serif;\">.<\/span><\/a><\/span><\/p>\n<h2 dir=\"ltr\"><strong><span style=\"font-size: 20px;\"><a id=\"Oracle Patches\" name=\"Oracle Patches\"><\/a><span style=\"font-family: verdana,geneva,sans-serif;\">Oracle Patches for January 2021<\/span><\/span><\/strong><\/h2>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">Oracle rolled out security patches for 329 vulnerabilities.<\/span><\/span><\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">January 2021 critical patch update fixes included CVE-2020-14750,\u00a0an exploited vulnerability\u00a0in WebLogic Server, which Oracle addressed with the release of an out-of-band update.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">4 CVEs are known exploits.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">48 CVEs are rated critical and 131 are high.<\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 14px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><img decoding=\"async\" style=\"width: 500px; height: 346px;\" src=\"\/wp-content\/uploads\/2022\/10\/oracle-patches-1.png\" alt=\"\" \/><\/span><\/span><\/p>\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><a href=\"#Airtable\">Click here for our analysis and download patches<span style=\"font-family: verdana,geneva,sans-serif;\">.<\/span><\/a><\/span><\/p>\n<h2 dir=\"ltr\"><span style=\"font-size: 20px;\"><strong><span style=\"font-family: verdana,geneva,sans-serif;\">Product Based Analysis\u00a0<\/span><\/strong><\/span><\/h2>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">We further analyzed Microsoft patches\u00a0based on the product and found that &#8211; Out of 83 CVEs, 23 have RCE and 32 have PE capabilities. <\/span><\/span><\/p>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">When Oracle products were analyzed, 171 CVEs were associated with RCE flaws out of 329.<\/span><\/span><\/p>\n<h4 dir=\"ltr\"><\/h4>\n<p><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shrTT3jlQ1xDr3upn?backgroundColor=green&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<h4 dir=\"ltr\"><span style=\"font-size: 14px;\"><strong><span style=\"font-family: verdana,geneva,sans-serif;\">Table 1: Product Analysis<\/span><\/strong><\/span><\/h4>\n<h2 dir=\"ltr\"><span style=\"font-size: 20px;\"><strong><a id=\"Old CVEs\" name=\"Old CVEs\"><\/a><span style=\"font-family: verdana,geneva,sans-serif;\">Old Vulnerabilities Patched in January 2021<\/span><\/strong><\/span><\/h2>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">669 Old vulnerabilities have been issued security updates ranging from the year 2013 to 2020.<\/span><\/span><\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">5 CVEs are associated with five different ransomware families such as BitPaymer, Petya, Cerber, DoppelPaymer, and Redkeeper.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">2 CVEs are linked to Lazarus and Kelvin SecTeam APT Group.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">17 CVEs are known exploits.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">24 CVEs are issued an alert by CISA.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">CVE-2017-5638 \u2013 This RCE vulnerability exists in Apache given the CVSS Score of 10(critical) and CWE \u2013 20, which tops 3 in the Top 25 Common Weakness Enumeration. This CVE is associated with the Lazarus APT group and Ceber ransomware.\u00a0<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">CVE-2019-0708 is an RCE bug that exists in Microsoft provided the CVSS Score of 10 and CWE \u2013 416, which topped 8 in Top 25 Common Weakness Enumeration. This is also associated with Kelvin SecTeam APT Group and DoppelPaymer and Redkeeper ransomware.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">70 CVEs are rated critical, and 144 are high.\u00a0<\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<p><img decoding=\"async\" style=\"width: 500px; height: 349px;\" src=\"\/wp-content\/uploads\/2022\/10\/old-vulnerabilities-3.png\" alt=\"\" \/><\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">Old vulnerabilities are still a problem to everyone that raises stakes to ransomware attacks. From the above analysis of vulnerabilities, out of 18 known exploits, 17 comes under old vulnerabilities, which also includes 5 ransomware associations and 2 APT Groups. This clearly proves that old vulnerabilities potentially fall target to ransomware attacks and massive disruptions.\u00a0<\/span><\/span><\/p>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">Therefore, it is necessary to prioritize the unpatched old security vulnerabilities first and ensure all the systems have the latest patches.\u00a0<\/span><\/span><\/p>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><a href=\"#Airtable\">Click here for our analysis and download patches<span style=\"font-family: verdana,geneva,sans-serif;\">.<\/span><\/a><span style=\"font-family: verdana,geneva,sans-serif;\">\u00a0<\/span><\/span><\/p>\n<h2 dir=\"ltr\"><span style=\"font-size: 20px;\"><strong><a id=\"CISA Alerts\" name=\"CISA Alerts\"><\/a><span style=\"font-family: verdana,geneva,sans-serif;\">CISA Alerts<\/span><\/strong><\/span><\/h2>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">CISA issued a warning alert for 49 vulnerabilities.<\/span><\/span><\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">1 CVE is associated with the Kelvin SecTeam APT Group.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">1 CVE with DoppelPaymer and Redkeeper ransomware families.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">2 CVEs are Known exploits.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">2 CVEs are rated critical and 2 are high.<\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<p><span style=\"font-size: 16px;\"><a href=\"#Airtable\">Click here for our analysis and download patches<span style=\"font-family: verdana,geneva,sans-serif;\">.<\/span><\/a><\/span><\/p>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 500px; height: 346px;\" src=\"\/wp-content\/uploads\/2022\/10\/cisa-alerts-3.png\" alt=\"\" \/><\/p>\n<p><a name=\"Airtable\"><\/a><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shrXpdXWAZSzch7NS?backgroundColor=green&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<h4 dir=\"ltr\"><span style=\"font-size: 14px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><strong>Table 2: January 2021 Security Patches<\/strong><\/span><\/span><\/h4>\n<p dir=\"ltr\" style=\"text-align: justify;\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">Patching is vital. Organizations today face the trade-off between speed and perfection. It has become unrealistic to delay a software release until the product is perfect. Therefore, security is compromised and the product gets shipped with vulnerabilities.\u00a0<\/span><\/span><\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">The only solution is to be more proactive and properly remediate vulnerabilities using risk-based vulnerability management and deploy a secure product. Be cyber smart by adopting attack surface management for patching instead of battling the attacks.<\/span><\/span><\/p>\n<h3 style=\"text-align: center;\"><span style=\"font-size: 18px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">Worried about a cyber breach?<br \/>\nGet a complete Attack Surface Management Service.\u00a0<a href=\"https:\/\/cybersecurityworks.com\/get-quote.php\" target=\"_blank\" rel=\"noopener\">Talk to us<\/a>.<\/span><\/span><\/h3>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Highlights of January Digest 20 vendors released security updates for 1086 vulnerabilities. 18 CVEs had publicly known exploits.\u00a0 49 vulnerabilities that got patched featured in CISA alerts.\u00a0 669 old vulnerabilities have been patched. Microsoft put out patches for 83 vulnerabilities. Oracle rolled out security patches for 329 vulnerabilities. Weaponized Vulnerabilities We have 18 vulnerabilities that [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":14443,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"patch_category":[],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/patch_watch\/8715"}],"collection":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/patch_watch"}],"about":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/types\/patch_watch"}],"author":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/users\/1"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media\/14443"}],"wp:attachment":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media?parent=8715"}],"wp:term":[{"taxonomy":"patch_category","embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/patch_category?post=8715"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}