Software Vulnerabilities: A Few Common Exploits

/ Software Patching

Patching is a crucial component of maintaining network stability and security, and not doing so leaves you at a significant risk of being a victim of ransomware. Unfortunately, many IT departments struggle to patch effectively, or in some cases completely ignore it. During patching, issues such as deployment failures, application incompatibilities, outages, and reboot failures can occur. However, these setbacks should not deter a company from continuing future patching processes. It is necessary that an efficient patching process is established before it is too late.

In an article by ZDNet, they state, “Over half of the most common security vulnerabilities exploited by criminals to conduct cyberattacks and distribute malware are more than a year old, and some are over five years old, demonstrating how failure to apply security updates is leaving organisations vulnerable to hacking and malicious compromise.” The unfortunate part is that “There are patches from vendors to fix all of these bugs, but software patching is often forgotten or ignored by companies and individuals.” They suggest that, “The most effective thing that can be done to protect networks from falling victims to attacks that use these vulnerabilities is to ensure all products – particularly Microsoft ones – are up to date and that if a new security patch is released, to apply it as soon as possible.”

Cybercriminals have an abundant selection of vulnerabilities to advantage of, here are some examples of the most exploited ZDNet listed out:

Software Vulnerability
  1. CVE-2018-15982 – Adobe Flash Player
  2. CVE-2018-8174 – Microsoft Internet Explorer
  3. CVE-2017-11882 – Microsoft Office
  4. CVE-2018-4878 – Adobe Flash Player
  5. CVE-2019-0752 – Microsoft Internet Explorer
  6. CVE-2017-0199 – Microsoft Office
  7. CVE-2015-2419 – Microsoft Internet Explorer
  8. CVE-2018-20250 – Microsoft WinRAR
  9. CVE-2017-8750 – Microsoft Internet Explorer
  10. CVE-2012-0158 – Microsoft Office

Click here to read the full article by ZDNet.

If you would like to learn more about the importance of software patching, then click here to read our blog.

If you have concerns, or need help, please reach out to Patchworx day or night. We operate 24x7x365 with all US based personnel.

Microsoft WSUS Consultant

WSUS Consulting Services

Software update service for system administrators to manage Microsoft product updates
  • Help resolving common WSUS server issues
  • Solve the problem of PCs not reporting to WSUS
  • Identify and repair the common WSUS system errors
  • Fix high CPU utilization problems
  • Stop duplicate SUSClientIDs
  • Diagnose and fix failed downloads
  • Fix IIS permissions that lead to failed Windows Update Agent Error Codes
  • Using Group Policy to set WSUS agent policies
  • Troubleshooting issues with WSUS client agents

SCCM Consulting Services

Systems management software for managing large numbers of computers running multiple operating systems and application.
  • Help with the frequent updates required to maintain security and version updates
  • Develop a program to get a monthly cadence for distributing updates
  • Understanding the of conflicting reports coming from SCCM
  • Verify accuracy before starting the deployment
  • How to properly initiate Client Notification Actions
  • Troubleshooting (DRS) Database Replication Service within SCCM
  • Proactively fixing client issues
  • Fixing failed deployments so you can move on to other more important tasks
  • Fixing ConfigMgr problems
  • Integrate third party add-ins(like Ivanti) for third party updates
  • Support Wake on Lan(WOL) patching
  • Maintenance Windows feature to prevent Servers restart during business hours
  • Updates Windows 10 image during build process that way your workstation will always have the latest security updates
  • Integrate with PowerBi for better reporting

We utilize a proven 31-step patching process.

*Diagram represents a portion of our process

Patch Management As A Service

FREE Webinar Every Thursday
from 10:00 - 11:00 AM. PST

RSVP Early - Limited Seats

REGISTER NOW!

$250K Cyber Insurance Coverage

Our integrated insurance coverage and breach response services includes $250,000 of cyber liability insurance (annual aggregate) with $0 deductible.

As a Patchworx℠ client, you will be protected for the cost of an actual or suspected violation of a privacy regulation due to a security breach that results in the unauthorized release of protected personal information (PPI) up to the policy limits.

PPI is defined as any private, non-public information of any kind in the merchant’s care, custody or control. This coverage territory is worldwide and is backed by a carrier rated A+ by AM Best.

Patch Management As A Service
CALL (844) 95 PATCH

ACHIEVE PATCH COMPLIANCE ASSURANCE