Image Recent headlines have indicated that some major companies were affected by Remote Code Execution (RCE) vulnerabilities, just in the month of October. RCE flaws are largely exploited in the wild, and organizations are continually releasing patches to mitigate the problem. RCE is a type of an Arbitrary Code Execution (ACE) attack...

Image Tripwire's December 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are patches for Microsoft Edge, which resolve over 25 issues including use-after-free, type confusion, insufficient data validation, insufficient policy enforcement, and other...

Image Tripwire's November 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are patches for Microsoft Office, Word, and Excel that resolve 8 vulnerabilities, including remote code execution, information disclosure, and security feature bypass...

Image Tripwire's October 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe. First on the patch priority list this month are patches for Chromium and Microsoft Edge based on Chromium. These patches resolve over 10 issues such as user-after-free, insufficient policy enforcement, and out...

Image Tripwire's September 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are patches for Chromium and Microsoft Edge based on Chromium. These patches resolve over 20 issues such as user-after-free, insufficient policy enforcement, out-of-bounds...

Image Today’s VERT Alert addresses Microsoft’s October 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1025 on Wednesday, October 12th. In-The-Wild & Disclosed CVEs CVE-2022-41033 A vulnerability in the Windows COM+ Event System service could allow malicious...

Image Tripwire's August 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are patches for Microsoft Office, Outlook, and Excel that resolve 4 vulnerabilities, including denial of service, remote code execution, and security feature bypass. Up next are...

Image Tripwire's July 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe. First on the patch priority list this month are patches that resolve 2 vulnerabilities in Edge. Next is a patch that resolves a security feature bypass vulnerability in Office. Up next are patches for Adobe...

Image Tripwire's June 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month is a patch for a remote code execution vulnerability in Edge. Next are patches for Office and Excel that resolve 3 information disclosure vulnerabilities and 1 remote code execution...

Image Tripwire's May 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are 2 remote code execution vulnerabilities for Excel and a security feature bypass vulnerability for Office. Up next are patches that affect components of the Windows operating...

Image Tripwire's April 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Google Chrome, Oracle, and Adobe. First on the patch priority list this month is an elevation of privilege vulnerability in the Microsoft Windows User Profile Service. This vulnerability has been added to the Metasploit...

Image Tripwire's March 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Google Chrome, and Spring Framework. First on the patch priority list this month is a remote code execution vulnerability in the Spring Framework (CVE-2022-22965). This vulnerability has been added to the Metasploit Exploit...

Image Tripwire's February 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month is a vulnerability for Microsoft Windows LSA (CVE-2021-36942). This vulnerability has been added to Metasploit Exploit Framework and any vulnerable systems should be patched as...

Image Tripwire's January 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Apache, Open Source Policy Kit, Adobe, and Microsoft. First on the patch priority list this month are patches for Apache Log4j2 vulnerabilities, most importantly for the Log4j2 "LogShell" remote code execution vulnerability (CVE...

Image Tripwire's December 2021 Patch Priority Index (PPI) brings together important vulnerabilities for Apache, Ubuntu Linux Kernel, and Microsoft. First on the patch priority list this month are patches for Apache Log4j2 vulnerabilities, most importantly for the Log4j2 "LogShell" remote code execution vulnerability. There are many...

Image Tripwire's November 2021 Patch Priority Index (PPI) brings together important vulnerabilities for open-source software components and Microsoft. First on the patch priority list this month are patches for Open Management Infrastructure (CVE-2021-38648, CVE-2021-38647), Eclipse Jetty (CVE-2021-28164), and ExifTool (CVE-2021-22204...

Image Tripwire's October 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Squid, Microsoft, and Adobe. First on the patch priority list this month are patches for Squid (CVE-2021-31807, CVE-2021-31806). Exploits for these vulnerabilities have been recently added to the Metasploit Exploit Framework. These...

Image Tripwire's September 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, Linux, and Confluence. First on the patch priority list this month are patches for the Linux kernel (CVE-2021-3490) and Confluence Server and Data Center (CVE-2021-26084). Exploits for these vulnerabilities have...

Image Tripwire's August 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft. First on the patch priority list this month are patches for Microsoft Exchange Server (CVE-2021-34523, CVE-2021-34473, and CVE-2021-31207). These vulnerabilities have seen active exploitation. Also, exploits for these...

Image In this episode, Greg Wilson, CISO of Docupace, discussed the rise of ransomware during uncertain times (i.e. COVID pandemic), whether it’s here to stay, and how to prevent damage with security hygiene. https://open.spotify.com/episode/24huDJTPDj7JyOxa1CODge?si=80455f6634a94ee6 Spotify: https://open.spotify.com/show...