“Apply Patches, Lessen your chance of risk”
In the fast moving world of cybersecurity, it is necessary for us to stay updated of the latest vulnerabilities and patch them immediately to prevent any incident from occurring.
WHAT IS CVE?
CVE stands for Common Vulnerabilities and exposures and it is a list of publicly disclosed computer security flaws. The CVE list also includes the fix, scoring and also other information for the identifiers on the CVE list.
CVE Updates for the month of October 2020:
In our fist list of of patches, we have around 87 patches released by Microsoft office, Azure, Microsoft windows, Windows Hyper-V, Windows Kernel and a few more. Lets have a look at them.
Microsoft has released today its monthly batch of security updates and this month the OS maker has patched 87 vulnerabilities across a wide range of Microsoft products.
Then following are the few number of updates released by different vendors,
- Azure – 2
- Microsoft Office – 14
- Microsoft Graphics Component – 4
- Microsoft Office SharePoint – 10
- Microsoft Windows – 30
- Windows Hyper- V – 3
- Microsoft Windows Codecs Library – 2
- Windows Kernel – 5
- Windows RDP – 3
- Microsoft Dynamics – 3
By far, the most dangerous vulnerability of the lot is the CVE-2020-16898, described as a remote code execution (RCE) vulnerability in the Windows TCP/IP stack, this bug can allow attackers to take over Windows systems by sending malicious ICMPv6 Router Advertisement packets to an unpatched computer via a network connection.
The bug was discovered internally by Microsoft engineers, and OS versions vulnerable to CVE-2020-16898 include Windows 10 and Windows Server 2019.
With a severity score of 9.8 out of a maximum of 10, Microsoft considers the bug dangerous and likely to be weaponized, and rightfully so
Continuous vulnerability management and cyber hygiene can fend off the majority of cyber-attacks. Stay secure by updating patches and fix your vulnerabilities before they take over your system.
For a much detailed understanding of the vulnerabilities you can visit Microsoft Security update Guide
Patch Management is one of the main things an organisation has to follow in order to avoid security breaches from happening and safeguard the organisations assets. Another advantage of patching is that it increases productivity, as sometimes the patches come with performance updates too.
Happy Patching!!!
Get in touch with us today to discuss your requirements and the services we offer. Contact us at info@rootfloe.com for a free consultation.
Rootfloe CVE Management team provides monthly updates on the latest discovery of CVE for a better and safer Cyber Eco System. Kindly subscribe to our updates to receive regular updates on the CVE’s to keep your patches update.
