Blog

Blog

Tripwire Patch Priority Index for July 2021

Image Tripwire's July 2021 Patch Priority Index (PPI) brings together important vulnerabilities from VMware, Adobe, Oracle, and Microsoft. First on the patch priority list this month are patches for Microsoft Print Spooler (CVE-2021-34527, CVE-2021-1675) and vSphere Client (CVE-2021-21985). Exploits for these vulnerabilities have been...
Blog

Tripwire Patch Priority Index for June 2021

Image Tripwire's June 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Cacti, Docker, Adobe, and Microsoft. First on the patch priority list this month are patches for Microsoft SharePoint (CVE-2021-31181), Cacti (CVE-2020-14295), and Docker (CVE-2019-5736). Exploits for these vulnerabilities have been...
Blog

Tripwire Patch Priority Index for May 2021

Image   Tripwire's May 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Google Chrome, Adobe and Microsoft. First on the patch priority list this month are patches for macOS (CVE-2021-30657) and Google Chrome (CVE-2021-21220). Exploits for these vulnerabilities have been recently added to the Metasploit...
Blog

Tripwire Patch Priority Index for April 2021

Image Tripwire's April 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Google Chrome and Microsoft. First on the patch priority list this month are patches for insufficient input validation vulnerabilities in Google Chrome (Chromium). Exploits for these vulnerabilities have been recently added to the...
Blog

Tripwire Patch Priority Index for March 2021

Image Tripwire's March 2021 Patch Priority Index (PPI) brings together important vulnerabilities from SaltStack, VWware, BIG-IP and Microsoft. First on the patch priority list this month are patches for vulnerabilities in Microsoft Exchange (CVE-2021-27065, CVE-2021-26855), SaltStack (CVE-2021-25282, CVE-2021-25281), BIG-IP (CVE-2021...
Blog

Tripwire Patch Priority Index for February 2021

Image Tripwire's February 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Apache, VMware and Microsoft. First on the patch priority list this month is a patch for Apache Tomcat. The Apache Tomcat "Ghostcat" vulnerability, identified as CVE-2020-1938, has been recently added to the Metasploit Exploit...
Blog

Sloppy patches are a breeding ground for zero-day exploits, says Google

Image Security researchers at Google have claimed that a quarter of all zero-day software exploits could have been avoided if more effort had been made by vendors when creating patches for vulnerabilities in their software. In a blog post, Maddie Stone of Google's Project Zero team says that 25% of the zero-day exploits detected in...
Blog

Tripwire Patch Priority Index for January 2021

Image Tripwire's January 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Dnsmasq and Oracle. First on the patch priority list this month are patches for Dnsmasq related to the seven so-called "DNSpooq" vulnerabilities. Dnsmasq is an open-source DNS forwarding application, and systems using...
Blog

Tripwire Patch Priority Index for December 2020

Image Tripwire's December 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Pulse Secure, and Oracle. First on the patch priority list this month are two vulnerabilities that have recently been included within the Metasploit exploit framework. One is a vulnerability in Pulse Secure Desktop...
Blog

NIST SP 800-128 – Because Patching May Never Fix Your Hidden Flaws

Image Over the last few years, the idea of patching systems to correct flaws has graduated from an annoying business disruption to a top priority. With all of the notorious vulnerabilities that can wreak total havoc, the time it takes to patch becomes a minor inconvenience when weighed against both the technical challenges and...
Blog

Tripwire Patch Priority Index for November 2020

Image Tripwire's November 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, and Oracle. First on the patch priority list this month are three vulnerabilities in Oracle WebLogic Server that have recently been included within the Metasploit exploit framework. Supported versions of Oracle...
Blog

Tripwire Patch Priority Index for October 2020

Image Tripwire's October 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Apple, Adobe, and Oracle. First on the patch priority list this month is a very high priority vulnerability in Oracle WebLogic Server. The vulnerability is within the Console component of Oracle WebLogic Server, and it...
Blog

Tripwire Patch Priority Index for September 2020

Image Tripwire's September 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Apple, and various Linux distributions. Up first on the patch priority list this month is a very high priority vulnerability, which is called "Zerologon" and identified by CVE-2020-1472. It is an elevation of privilege...
Blog

Tripwire Patch Priority Index for August 2020

Image Tripwire's August 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, and Apple. Up first on the patch priority list this month are patches for Microsoft and Apple for vulnerabilities that have been integrated into various exploits. Metasploit has recently added exploits for Microsoft...
Blog

Tripwire Patch Priority Index for July 2020

Image Tripwire's July 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, F5 Networks, Cisco, and Oracle. Up first on the patch priority list this month are patches for F5 Networks and Cisco for vulnerabilities that have been integrated into various Exploits. Metasploit has recently added exploits...
Blog

Tripwire Patch Priority Index for June 2020

Image Tripwire's June 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, BIND and Oracle. Up first on the Patch Priority Index this month are patches for Microsoft, BIND and Oracle for vulnerabilities that have been integrated into various Exploits. Metasploit has recently added exploits for BIND...
Blog

Tripwire Patch Priority Index for May 2020

Image Tripwire's May 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, SaltStack, and VMware. Up first on the patch priority list this month are patches for VMware vCenter Server and SaltStack Salt. The Metasploit exploit framework has recently integrated exploits for VMware vCenter...
Blog

Tripwire Patch Priority Index for April 2020

Image Tripwire's April 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Oracle, and VMware. Up first on the patch priority list this month is a patch for VMware vCenter Server. This patch resolves an information disclosure vulnerability. This patch has highest priority as proof-of-concept code...
Blog

Tripwire Patch Priority Index for March 2020

Image Tripwire's March 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft and Adobe. Up first on the patch priority list this month are patches for Microsoft Browsers and Scripting Engine. These patches resolve information disclosure, remote code execution, and memory corruption vulnerabilities....
Blog

Tripwire Patch Priority Index for February 2020

Image Tripwire's February 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft and Adobe. Up first on the patch priority list this month are patches for Microsoft Edge and Scripting Engine. These patches resolve information disclosure, elevation of privilege, and memory corruption vulnerabilities....