- What is AI networking? How it automates your infrastructure (but faces challenges)
- I traveled with a solar panel that's lighter than a MacBook, and it's my new backpack essential (and now get 23% off for Black Friday)
- Windows 11 24H2 hit by a brand new bug, but there's a workaround
- This Samsung OLED spoiled every other TV for me, and it's $1,400 off for Black Friday
- How to Protect Your Social Media Passwords with Multi-factor Verification | McAfee Blog
Tripwire Patch Priority Index for June 2021 | The State of Security
Tripwire’s June 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Cacti, Docker, Adobe, and Microsoft.
First on the patch priority list this month are patches for Microsoft SharePoint (CVE-2021-31181), Cacti (CVE-2020-14295), and Docker (CVE-2019-5736). Exploits for these vulnerabilities have been recently added to the Metasploit Exploit Framework. These systems should be patched as soon as possible.
Up next are patches for Adobe Reader and Acrobat that resolve five issues including out-of-bounds read and use-after-free vulnerabilities.
Next is a patch for Microsoft Scripting Engine, which resolves a memory corruption vulnerability.
Next on the patch priority list this month are patches for Microsoft Excel, Office, and Outlook. These patches resolve four remote code execution vulnerabilities.
Then there are patches that affect components of the Windows operating systems. These patches resolve over 20 vulnerabilities including elevation of privilege, information disclosure, remote code execution, security feature bypass, denial of service, and memory corruption. These vulnerabilities affect core Windows, NTLM, DCOM Server, GPSVC, Common Log file system, NFS, Kernel, DWM, Remote Desktop, Kernel-mode Driver, NTFS, and others.
This is followed by a Hyper-V patch that resolves a denial-of-service vulnerability.
Lastly, administrators should focus on server-side patches that resolve several issues including remote code execution, information disclosure, and spoofing vulnerabilities in Microsoft SharePoint.
BULLETIN | CVE |
Exploit Framework – Metasploit | CVE-2021-31181, CVE-2020-14295, CVE-2019-5736 |
APSB21-37: Adobe Reader and Acrobat | CVE-2021-28554, CVE-2021-28551, CVE-2021-28552, CVE-2021-28631, CVE-2021-28632 |
Microsoft Scripting Engine | CVE-2021-31959 |
Microsoft Office Excel | CVE-2021-31939 |
Microsoft Office | CVE-2021-31940, CVE-2021-31941 |
Microsoft Office Outlook | CVE-2021-31949 |
Microsoft Windows | CVE-2021-26414, CVE-2021-31958, CVE-2021-31201, CVE-2021-31199, CVE-2021-31973, CVE-2021-31954, CVE-2021-31974, CVE-2021-31975, CVE-2021-31976, CVE-2021-31951, CVE-2021-31955, CVE-2021-33739, CVE-2021-31968, CVE-2021-31960, CVE-2021-33742, CVE-2021-31972, CVE-2021-31953, CVE-2021-31969, CVE-2021-31970, CVE-2021-31962, CVE-2021-31952, CVE-2021-1675, CVE-2021-31971, CVE-2021-31956 |
Microsoft Role: Hyper-V | CVE-2021-31977 |
Microsoft Office SharePoint | CVE-2021-31965, CVE-2021-26420, CVE-2021-31966, CVE-2021-31963, CVE-2021-31950, CVE-2021-31948, CVE-2021-31964 |