Today’s VERT Alert addresses Microsoft’s February 2021 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-928 on Wednesday, February 10th. In-The-Wild & Disclosed CVEs CVE-2021-1732 A vulnerability in Win32k that allows for privilege escalation has been exploited in the wild. The Cybersecurity and Infrastructure Security Agency (CISA)...

Today’s VERT Alert addresses Microsoft’s January 2021 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-922 on Wednesday, January 13th. In-The-Wild & Disclosed CVEs CVE-2021-1647 A vulnerability in the Microsoft Malware Protection Engine (MMPE) is currently seeing active exploitation. Since the MMPE is updated regularly with malware...

Vulnerability Description The United States Cybersecurity & Infrastructure Security Agency (CISA) has advised that an advanced persistent threat (APT) actor was able to insert sophisticated malware into officially signed and released updates to the SolarWinds network management software . The attacks have been ongoing since at least March 2020 and CISA has warned that many high-value targets...

Today’s VERT Threat Alert addresses Microsoft’s December 2020 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-918 on Wednesday, December 9th. In-The-Wild & Disclosed CVEs There are no In-The-Wild or Disclosed CVEs patched this month. CVE Breakdown by Tag While historical Microsoft Security Bulletin groupings are gone, Microsoft...

Organizations face an ever-evolving threat landscape. With this in mind, it is imperative that organizations keep an up-to-date vulnerability management policy for remediating and controlling security vulnerabilities that may lead to a breach. A good vulnerability management policy should contain the following: An Overview of what the policy is intended to do. The Scope of the policy. Roles and...

Today’s VERT Alert addresses Microsoft’s November 2020 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-915 on Wednesday, November 11th. Note: Microsoft has changed their advisory format and no longer provides basic vulnerability descriptions. In-The-Wild & Disclosed CVEs CVE-2020-17087 This CVE describes a local elevation of privilege...

In the last quarter of 2019, researchers at ClearSky uncovered an attack operation that they dubbed the “Fox Kitten Campaign.” Iranian actors used this offensive to gain persistent access into the networks of dozens of companies operating in Israel and around the world across the IT, telecommunication, oil and gas, aviation, government and security sectors. These individuals were successful in...

Today’s VERT Alert addresses Microsoft’s October 2020 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-909 on Wednesday, October 14th. In-The-Wild & Disclosed CVEs (October 2020 Patch Tuesday Analysis) CVE-2020-16938 This CVE describes an information disclosure in the Windows kernel that could allow a local attacker to disclose information...

Today’s VERT Alert addresses Microsoft’s September 2020 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-903 on Wednesday, September 9th. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs included in this month’s security guidance. CVE Breakdown by Tag While historical Microsoft Security Bulletin groupings are gone...

Today’s VERT Alert addresses Microsoft’s August 2020 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-899 on Wednesday, August 12th. In-The-Wild & Disclosed CVEs CVE-2020-1464 A vulnerability exists in the way that Windows validates file signatures. An attacker could load improperly signed files by bypassing security features that validate...

Today’s VERT Alert addresses Microsoft’s July 2020 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-895 on Wednesday, July 15th. In-The-Wild & Disclosed CVEs CVE-2020-1463 A vulnerability in the SharedStream Library could allow a locally authenticated attacker to run a malicious application in order to elevate their privileges. Microsoft...

Today’s VERT Alert addresses Microsoft’s June 2020 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-888 on Wednesday, June 10th. In-The-Wild & Disclosed CVEs None of the vulnerabilities resolved this month have been publicly disclosed or exploited according to Microsoft. CVE Breakdown by Tag While historical Microsoft Security Bulletin...

Only the truly committed ever reach the summit of anything. This sentiment holds true for vulnerability management. An organization cannot reach the summit without a serious commitment to fund and staff the program appropriately across the organization. Reaching ML:5 means tying the program to the business. Everyone must be aligned with the metrics and be ready to find the root cause of any misses...

Today’s VERT Alert addresses Microsoft’s May 2020 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-884 on Wednesday, May 13th. In-The-Wild & Disclosed CVEs None of the vulnerabilities resolved this month have been publicly disclosed or exploited according to Microsoft. CVE Breakdown by Tag While historical Microsoft Security Bulletin...

Today’s VERT Alert addresses Microsoft’s April 2020 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-880 on Wednesday, April 15th. In-The-Wild & Disclosed CVEs CVE-2020-0935 A vulnerability in the OneDrive for Windows desktop application could allow an attacker to overwrite a targeted file and ultimately allow code execution with elevated...

The climb is getting steeper, but thanks to hard work, vision and insight are much keener. At ML:4, all assets are scanned by a combination of agent and remote scans on a normal cadence. This will generate a lot of data dictated by threat and patch priority. Thousands of new vulnerabilities are released each year, and no company or product can detect all of them. Organizations must prioritize...

ML:3 is base camp, and getting here means you have reached a level that others have only dreamed about. At this level, the VM program is very good, and your visibility into threats to the environment is much better than it has ever been. Prioritizing Asset Assessment The biggest change at this level is the focus on the breadth of assessment going on in the organization. The goal at this point is...

The path is starting to get steeper now as we climb to ML2. It is time to start defining a vulnerability management program with objectives and goals. This program is expected to grow and evolve over time as the organization grows and evolves. Document the requirements Start by documenting what is in place now and what objections the organization is trying to reach. Define the stakeholders The...

As we wind down 2019, it is a great time to think about your vulnerability management plans for the coming year. The five W’s can help guide our efforts as we resolve to improve our digital security for the coming new year. What Is Vulnerability Management? Vulnerability assessments are useful for detecting security issues within your environment. By identifying potential security weaknesses...

The time at ML:0 can be eye-opening form many organizations. There are generally a lot of assets discovered that are new or had been forgotten about. Almost every organization discovers their own Methuselah; this is the system that has been around forever and performs some important tasks but has not been updated in years. The system admins are scared to touch it for fear of breaking something. At...