Patch Tuesday is back. Just like we saw in June, we have several that are already publicly disclosed, four of those being actively exploited. Overall, we are looking at 117 total exploits closed, with 13 of them being rated critical. It’s looking like June’s worst trends are still plaguing systems, while going back to the large total numbers we saw often in 2020.
Some Highlights (Or Lowlights)
This Remote Code Execution for Microsoft Exchange is rated as a 9.1, requires no user interaction, has a low complexity, and does not require user interaction. That seems to cover just about all of the worst case scenarios for an exploit. That is, before we mention that this is one that is already publicly disclosed. If you run exchange on-prem, this should have you running to get it patched ASAP.
This exploit is already being used out in the wild, and per the MSRC site it can cause a total of integrity and confidentiality. In other words, they can get all information or modify all files from the impacted component. The only ray of sunshine here is that it does require user interaction, but that can be as simple as getting users to visit a corrupted site or click on a bad link. Thank goodness your thorough end-user training has been adopted by everyone!
Anytime there is a threat to DNS, it’s worth highlighting. On the bright side, you don’t need to patch every machine with this one, only machines that are DNS servers. On the dark side, it requires minimal permissions and no user interaction to exploit. This is not one that is already publicly known or exploited, so at least patching should get you ahead of it.
This was a very rough month. I was really hoping the spike we saw in already exploited vulnerabilities was an outlier, but it seems to be more of a trend at this point. This would have been one of the roughest months I have done a write-up for, even before you account for things that came out before Patch Tuesday.
It is becoming apparent that patching needs to happen faster and more efficiently than ever before. PDQ Deploy and Inventory can not only help you get patches done faster, but our team can also help you get the process automated so you don’t even have to worry about them. We would love for our readers to read these blogs to stay on top of updates--and not to find out how much of your hair you will need to pull out this month
*Highlights Magazine is a trademark of "Highlights For Children". Lowlights Magazine is a dripping satire and should be recognized as such.
Jordan had spent his life wondering why tasks he didn’t like to do had no options to complete themselves. Eventually he had to make that happen on his own. It turned out that he enjoyed making tasks complete themselves, and PDQ thought that is something he should talk about on the internet while drinking most Thursdays on the PDQ webcast.