Tripwire Patch Priority Index for December 2021 | The State of Security


Tripwire’s December 2021 Patch Priority Index (PPI) brings together important vulnerabilities for Apache, Ubuntu Linux Kernel, and Microsoft.

First on the patch priority list this month are patches for Apache Log4j2 vulnerabilities, most importantly for the Log4j2 “LogShell” remote code execution vulnerability. There are many attack vectors via various software applications due to Log4j2’s widespread usage in various products. Refer to https://logging.apache.org/log4j/2.x/security.html for more details.

Next on the list are patches for Microsoft MSHTML (CVE-2021-40444) and the Linux Kernel in Ubuntu (CVE-2021-3493). Exploits for these vulnerabilities have been recently added to the Metasploit Exploit Framework. These systems should be patched as soon as possible.

Up next are patches for Microsoft Edge that resolve over 20 vulnerabilities such as user after free, type confusion, heap buffer overflow, and data validation vulnerabilities.

Next are patches for Microsoft Office Access, Excel, Office Developer Platform, and Visual Basic for Applications. These patches resolve 4 issues, including remote code execution, information disclosure, and elevation of privilege vulnerabilities.

Next are patches that affect components of the Windows operating systems. These patches resolve over 30 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, remote code execution, and denial of service vulnerabilities. These vulnerabilities affect core Windows, kernel, NTFS, TCP/IP driver, common log file system driver, media center, lsasrv, fax service, message queuing, and others.

Lastly, administrators should focus on server-side patches for SharePoint, Hyper-V, Internet Storage Name Service, and BizTalk ESB Toolkit. These patches resolve numerous issues including spoofing, remote code execution, and denial of service vulnerabilities.

BULLETIN CVE
Apache Log4j2 LogShell Remote Code Execution Vulnerability CVE-2021-44228, CVE-2021-45046
Exploit Framework – Metasploit CVE-2021-40444, CVE-2021-3493
Microsoft Edge CVE-2021-4053, CVE-2021-4052, CVE-2021-4064, CVE-2021-4065, CVE-2021-4057, CVE-2021-4056, CVE-2021-4055, CVE-2021-4054, CVE-2021-4059, CVE-2021-4058, CVE-2021-4068, CVE-2021-4061, CVE-2021-4067, CVE-2021-4066, CVE-2021-4062, CVE-2021-4063, CVE-2021-4101, CVE-2021-4100, CVE-2021-4102, CVE-2021-4099, CVE-2021-4098
Microsoft Office Excel CVE-2021-43256
Visual Basic for Applications CVE-2021-42295
Microsoft Office Access CVE-2021-42293
Office Developer Platform CVE-2021-43255
Microsoft Windows CVE-2021-40441, CVE-2021-43216, CVE-2021-43883, CVE-2021-43207, CVE-2021-43226, CVE-2021-43224, CVE-2021-43227, CVE-2021-43219, CVE-2021-43248, CVE-2021-43228, CVE-2021-43232, CVE-2021-43244, CVE-2021-43223, CVE-2021-43238, CVE-2021-43893, CVE-2021-43217, CVE-2021-43245, CVE-2021-43247, CVE-2021-43239, CVE-2021-43237, CVE-2021-43236, CVE-2021-43222, CVE-2021-41333, CVE-2021-43235, CVE-2021-43233, CVE-2021-43234, CVE-2021-43240, CVE-2021-43231, CVE-2021-43230, CVE-2021-43229
Microsoft Office SharePoint CVE-2021-42309, CVE-2021-42294, CVE-2021-42320, CVE-2021-43242
Role: Windows Hyper-V CVE-2021-43246
Internet Storage Name Service CVE-2021-43215
Microsoft BizTalk ESB Toolkit CVE-2021-43892



Source link