Daily Bulletin

Business Mentor

.




Here we are, another patch Tuesday and the first of 2021. Looks like we are going to ease into the year with a slightly lighter vulnerability count from Microsoft, but there is definitely some excitement in the mix as they are resolving one actively exploited vulnerability (CVE-2021-1647) and one publicly disclosed vulnerability (CVE-2021-1648). Microsoft has resolved a total of 83 CVEs this month with updates for Windows OS, Edge (HTML-based), Office, Visual Studio, .Net Core, .Net Repository, ASP .Net, Azure, Malware Protection Engine, and SQL Server. 

 

Microsoft Defender received an update to resolve an actively exploited Remote Code Execution vulnerability (CVE-2021-1647). Microsoft frequently updates malware definitions and the malware protection engine and has already pushed the update to resolve the vulnerability. For organizations that are configured for automatic updating no actions should be required, but one of the first actions a threat actor or malware will try to attempt is to disrupt threat protection on a system so definition and engine updates are blocked. For this reason, it is recommended to ensure your Microsoft Malware Protection Engine is Version 1.1.17700.4 or higher. 

 

Microsoft has resolved an important vulnerability in splwow64 that could allow an attacker to elevate their privilege level. The vulnerability (CVE-2021-1648) affects Windows 8.1, Windows 10 and related server builds. The vulnerability could also allow for information disclosure. A public disclosure means enough information, or a proof-of-concept, has been released to the public giving threat actors additional time to develop an exploit. In this case the first details about this CVE were released on December 15 by the Zero Day Initiative.  

 

Microsoft has re-released a fix for Secure Boot that was originally released in February 2020. CVE-2020-0689 is a security feature bypass vulnerability that impacted the Windows Operating System and could bypass secure boot and install untrusted software. The re-release provides a more comprehensive resolution to the vulnerability but does have some known issues. There are some OEM firmware conflicts and BitLocker settings that could run into issues. For more details check out the details on the update page

 

The Critical vulnerabilities this month all seem to be residing in the OS, browser, and malware protection engine, but don’t let that distract you from the other updates. While the SQL, .Net Core, ASP .Net and other dev tools updates this month are only resolving important severity vulnerabilities, the devops toolchain is an area of concern. Your development teams need to be aware of what tools they are using and what vulnerabilities may be exposed.

 

Aside from Microsoft, there were a number of Adobe updates this month and one security update for Mozilla Thunderbird that is Critical.

 

Adobe has posted updates for Adobe Bridge, Captivate, InCopy, Campaign Classic, Animate, Illustrator, and Photoshop. Adobe Bridge has resolved two Critical vulnerabilities, the rest of the updates resolve one Critical or one Important vulnerability each. Adobe has prioritized the Adobe Campaign Classic release as a priority 2, the rest as priority 3. For reference, Adobe’s prioritization has three tiers. A priority 2 has an elevated risk and their guidance is to resolve within 30 days. Priority 3 indicates the product or the type of vulnerability has not been targeted historically so update at their discretion. Given this guidance, administrators should look to update Adobe Campaign Classic in their monthly maintenance. The rest of the updates should be evaluated and updated as reasonable as it is never good to let software stagnate.

 

Adobe Flash Player reached its end of life on December 31, 2020. At this point companies should be removing the historically highly targeted application from their environments if you have not already done so. If you need to continue running Flash for any specific reason it should be specific exceptions in controlled circumstances. Also, Adobe has worked with Harman to transition extended support for enterprise customers. You should reach out to Harman for additional services or coverage past the end of life date. For details see the Flash Player Enterprise End-of-Life page: https://www.adobe.com/products/flashplayer/enterprise-end-of-life.html  

Business News

BYD Expands in Australia: Introducing Chinese Dealerships and Pioneering Innovative Operations

Recently, BYD has been generating significant buzz with the launch of its two new stores in Melbourne and Sydney, revealing some exciting developments. Notably, BYD’s Chairman, Wang Chuanfu, graced ...

Daily Bulletin - avatar Daily Bulletin

Deciphering the Intricacies of Scrap Copper Prices in Melbourne: A Comprehensive Analysis

Introduction In the bustling metropolis of Melbourne, where innovation meets industry, the scrap copper market forms an integral part of the city's economic landscape. From the scrapyards scattered...

Daily Bulletin - avatar Daily Bulletin

Empowering Your Brand: The Integral Role of User-Generated Content in Social Media Marketing

In the ever-evolving landscape of digital marketing, brands constantly seek innovative strategies to connect authentically with their audience. Among these strategies, User-Generated Content (UGC) h...

Daily Bulletin - avatar Daily Bulletin

Tomorrow Business Growth