Software vulnerabilities are an unfortunate part of working with technology.
A developer puts out a software release with millions of lines of code. Then, hackers look for loopholes that allow them to breach a system through that code.
The developer issues a patch to fix the vulnerability. But it’s not long before a new feature update causes more. It’s like a game of “whack-a-mole” to keep your systems secure. Without ongoing patch and update management, company networks are vulnerable. And these attacks are completely avoidable.
82% of U.S. cyberattacks in Q1 of 2022 were due to exploiting patchable vulnerabilities.
What new vulnerabilities are lurking in products from Microsoft, Google, Adobe, and others? We’ll go through several. These were recently noted in a warning by the Cybersecurity and Infrastructure Security Agency (CISA). Make sure to patch any of these vulnerabilities in your system.
• CVE-2012-4969: An Internet Explorer vulnerability that allows the remote execution of code.
• CVE-2013-1331: This Microsoft Office flaw enables hackers to launch remote attacks.
• CVE-2012-0151: This Windows vulnerability allows user-assisted attackers to execute remote code.
• CVE-2016-1646 & CVE-2016-518: These Chrome & Chromium engine vulnerabilities both allow attackers to conduct denial of
• CVE-2009-4324: This is a flaw in Acrobat Reader that allows hackers to execute remote code via a PDF file.
• CVE-2010-1297: A Flash Player vulnerability that allows remote execution and denial of service attacks. (Flash Player is
no longer supported, so you should remove it).
• CVE-2017-6862: This router flaw allows a hacker to execute code remotely.
• CVE-2019-15271: This vulnerability impacts Cisco RV series routers, and gives a hacker “root” privileges. Patch & Update Regularly!
These are a few of the security vulnerabilities listed on the CISA list. You can see all 36 that were added at Cisa.How do you keep your network safe from these and other vulnerabilities?
You should patch and update regularly. Work with a trusted IT professional (like us) to manage your device and software updates. This ensures you don’t have a breach waiting to happen lurking in your network