Security News

While there are older vulnerabilities dating back to 2014, most of these vulnerabilities are from 2020-2021 and updating an entire organization can take months of planning and execution if you don't have an efficient patch management infrastructure in place. Assuming we have a few quiet weeks following Patch Tuesday, take a moment to compare your program to these and see how you stack up.

SonicWall has fixed a handful of vulnerabilities affecting its SMA 100 series appliances and is urging organizations to implement the patches as soon as possible. Although there's currently no evidence of these bugs being exploited in active attacks, threat actors have been known to target these appliances in the past by leveraging known and zero-day vulnerabilities.

Network security vendor SonicWall is urging customers to update their SMA 100 series appliances to the latest version following the discovery of multiple security vulnerabilities that could be abused by a remote attacker to take complete control of an affected system. CVE-2021-20039 - SMA 100 Series authenticated command injection vulnerability as root.

SonicWall 'strongly urges' organizations using SMA 100 series appliances to immediately patch them against multiple security flaws rated with CVSS scores ranging from medium to critical."SonicWall urges impacted customers to implement applicable patches as soon as possible," the company says in a security advisory published Tuesday.

Business software provider Zoho urged customers today to update their Desktop Central and Desktop Central MSP installation to the latest available version. Zoho's ManageEngine Desktop Central is a management platform that helps admins deploy patches and software automatically over the network and troubleshoot them remotely.

Free unofficial patches have been released to protect Windows users from a local privilege escalation zero-day vulnerability in the Mobile Device Management Service impacting Windows 10, version 1809 and later. While Microsoft has most likely also noticed Naceri's June disclosure, the company is yet to patch this LPE bug, exposing Windows 10 systems with the latest November 2021 security updates to attacks.

A sad-faced Microsoft engineer has had to reset the "Days since we last shot ourselves in the foot" counter at the company's HQ after a security update broke Microsoft Defender for Endpoint on Windows Server Core. The latter included the LTSC editions of Windows 10 as Microsoft pointed out, only devices with a Windows Server Core installation were affected.

Proof-of-concept exploit code has been released online over the weekend for an actively exploited high severity vulnerability impacting Microsoft Exchange servers.The security bug tracked as CVE-2021-42321 impacts on-premises Exchange Server 2016 and Exchange Server 2019 and was patched by Microsoft during this month's Patch Tuesday.

A free and unofficial patch is now available for a zero-day local privilege escalation vulnerability in the Windows User Profile Service that lets attackers gain SYSTEM privileges under certain conditions. The bad news is that it impacts fully-updated devices running all Windows versions, including Windows 10, Windows 11, and Windows Server 2022.

The existence of a critical RCE vulnerability affecting certain versions of Palo Alto Networks firewalls using the GlobalProtect Portal VPN has been revealed by a cybersecurity company that exploited it during red team engagements for the last 12 months. The vulnerability has been patched, but since there are still over 10,000 vulnerable internet-facing installations out there, Randori will refrain from publishing technical details related to the vulnerability for a month, to give affected organizations enough time to patch.