Despite patches having been around for many years now, businesses are still not protecting themselves against some of the most basic security vulnerabilities. What’s more, some of these vulnerabilities have been around for a long time but often go unchecked by leading organisations worldwide.
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI recently advised IT security professionals at public and private sector organisations to place an increased priority on patching the most known vulnerabilities exploited by sophisticated cybercriminals.
Cyberterrorists continue to exploit known—and often dated—software vulnerabilities against broad target sets within organisations in all kinds of sectors. These organisations could limit threats through an increased effort to patch their systems and implement programs to keep system patching up-to-date.
The top ten security vulnerabilities
- CVE-2017-11882–this error has been around since November 2000 but was made more public in 2007. The specific problem relates to a remote code execution vulnerability in Microsoft Office products, and has been used by various malware to bypass security measures on vulnerable computers.
- CVE-2012-0158 – this bug in Windows ActiveX is still unpatched on many people’s computers despite being more than eight years old. It is often exploited by the likes of the Dridex banking trojan.
- CVE-2017-5638– a remote code execution vulnerability in Apache Struts, infamously exploited in the Equifax data breach in 2017.
- CVE-2017-0199– this remote code execution bug in Microsoft Office allows cyber criminals to run malware on a user’s computer via an infected document. It is often seen being used by banking and spyware trojans such as Dridex.
- CVE-2019-0604– a SharePoint remote code execution flaw that has been blamed for a 2019 attack on the United Nations in Geneva and exfiltrating sensitive information held by the UN Office of the High Commissioner for Human Rights (OHCHR).
- CVE-2018-4878– a vulnerability in early versions of Adobe Flash Player which were first successfully exploited by attackers in early 2018.
- CVE-2017-0143– a remote code execution vulnerability in Microsoft SMB that has been incorporated into the Eternal Blue and Eternal Synergy exploit kits.
- CVE-2017-8759–this remote code execution vulnerability in the Microsoft .NET Framework is often used by FinFisher spyware.
- CVE-2018-7600–this is a critical Drupal core vulnerability exploited by cybercriminals to run crypto mining code known as Kitty.
- CVE-2015-1641– this Microsoft Office vulnerability allows an attacker to run malicious code on a target’s computer via an infected RTF document.
US-CERT states that a concerted campaign to patch these vulnerabilities would introduce friction into foreign adversaries’ operational tradecraft and force them to develop or acquire exploits that are more costly and less widely effective. A concerted patching campaign would also bolster network security by focusing scarce defensive resources on the observed activities of foreign adversaries.
RiskXchange tackles the problem
Coding problems tend to appear when up-to-date versions of software may not work properly on older versions of the operating system, or may not be compatible with other software your organisation uses on a daily basis.
Protecting yourself against the above-mentioned security vulnerabilities is not always as a simple as hitting the “Update Now” button. Updating a piece of vulnerable software within your organisation might take a little more than self-taught knowledge.
All vulnerabilities with published fixes should be patched as soon as possible to ensure that your business is not left wide open to cybercriminals. Internal security operations teams are not always able to to keep system patching up-to-date, so that’s when cybersecurity firms like RiskXchange come into play.
RiskXchange can identify security vulnerabilities on any organisation’s internet facing networks and systems. We are also able to advise on why patches should be applied and the risk impact of not patching against these vulnerabilities.
Delivering a solution
Vulnerability screening and visualising vulnerabilities through modelling and simulation is a good way to reduce attack surfaces. Patch simulation and attack surface modelling all help to pinpoint your attack surface and identify ways in which an attacker can gain access to a network.
RiskXchange is leading the fight against cybercrime, coming up with novel solutions to everyday problems. We have developed an innovative way to not only reduce attack surfaces, but to allow organisations to manage them at the same time.
With full visibility over your eco-systems’ entire attack surface in near real-time, you can regularly monitor and mitigate risks to prevent unnecessary exposures. Our passive data collection methods are effective and have no impact on your network performance. Using data-driven insights to prevent breaches is the best way to reduce an attack surface and prevent cyberattacks.
More about RiskXchange
RiskXchange is an information security technology company, that helps companies of all sizes fight the threat of cyber threats by providing instant risk ratings for any company across the globe. RiskXchange was founded and is led by recognised experts within the security industry, who have held leading roles within companies such as IBM Security.