Daily Bulletin

Men's Weekly

.


Microsoft has just released the June Patch Tuesday updates and it is a hot one! There are 49 unique vulnerabilities, six of which have been detected in exploits in the wild. Many of the exploited vulnerabilities are only rated as Important and have lower CVSSv3 base scores, which can cause them to be missed in prioritization in some organizations. This brings a very important prioritization challenge to the forefront this month. Vendor severity ratings and scoring systems like CVSS may not reflect the real-world risk in many cases. Adopting a Risk-based Vulnerability Management approach and using additional risk indicators and telemetry on real-world attack trends is vital to stay ahead of threats like modern ransomware.

 

Microsoft resolved an Information Disclosure vulnerability in Windows Kernel (CVE-2021-31955).  The vulnerability affects Windows 10 1809, Server 2019 and later versions of the Windows OS. This vulnerability allows an attacker to access the contents of Kernel memory from a user mode process, granting access to sensitive information. The vulnerability is rated as Important and has a CVSSv3 base score of 5.5, which could be missed in some organizations' prioritization.

 

Microsoft resolved an Elevation of Privilege vulnerability in Windows NTFS (CVE-2021-31956) which could allow an attacker could convince a local user to open a malicious file, or in the case the attacker is already on the system, run a specially crafted application to exploit the vulnerability and take control of the affected system. This vulnerability affects Windows 7, Server 2008 and later Windows OS versions. The vulnerability is rated as Important and has a CVSSv3 base score of 7.8, which could be missed in some organizations' prioritization.

 

Microsoft resolved a Remote Code Execution vulnerability (CVE-2021-33742) which could allow an attacker to remotely execute code on the target system. To exploit the vulnerability, the attacker must convince a user to take an action — but this is a small barrier for threat actors. The exploit does not require any privileges to exploit the vulnerability. This vulnerability affects Windows 7, Server 2008 and later Windows OS versions and is rated as Critical with a CVSSv3 base score of 7.5.

 

Microsoft resolved an Elevation of Privilege vulnerability(CVE-2021-31199) in Microsoft Enhanced Cryptographic Provider which could allow an attacker to elevate from a low privilege to gain access to more information on the system and modify some data. This vulnerability is related to a previously exploited Adobe vulnerability. To fully resolve the threat there are three vulnerabilities that must be resolved. “Microsoft CVE-2021-31201 and CVE-2021-31199 address vulnerabilities that are related to Adobe's CVE-2021-28550, released in Adobe Security Bulletin ID APSB21-29. Customers running affected versions of Microsoft Windows should install the June security updates to be fully protected from these three vulnerabilities.” This vulnerability affects Windows 7, Server 2008 and later Windows OS versions and is rated as Important with a CVSSv3 base score of 5.2, which could be missed in some organizations' prioritization.

 

Microsoft resolved an Elevation of Privilege vulnerability (CVE-2021-31201) in Microsoft Enhanced Cryptographic Provider which could allow an attacker to elevate from a low privilege to gain access to more information on the system and ability to modify some data. This vulnerability is related to a previously exploited Adobe vulnerability. To fully resolve the threat there are three vulnerabilities that must be resolved. “Microsoft CVE-2021-31201 and CVE-2021-31199 address vulnerabilities that are related to Adobe's CVE-2021-28550, released in Adobe Security Bulletin ID APSB21-29. Customers running affected versions of Microsoft Windows should install the June security updates to be fully protected from these three vulnerabilities.” This vulnerability affects Windows 7, Server 2008 and later Windows OS versions and is rated as Important with a CVSSv3 base score of 5.2, which could be missed in some organizations' prioritization.

 

Microsoft resolved an Elevation of Privilege vulnerability (CVE-2021-33739) in Microsoft DWM Core Library which could allow an attacker to elevate from no authorization to full control of the system without the need for user interaction. The attacker can use a variety of methods to access a system and, once on, would be able to run an executable or script to gain control of the affected system. This vulnerability only affects Windows 10 1909, Server 2004 and later Windows OSs. The vulnerability is rated as Important and has a CVSSv3 base score of 8.4, which could be missed in some organizations' prioritization.

 

The Windows OS updates this month are the top priority and resolve all of the Zero Day vulnerabilities that Microsoft has resolved. Prioritize the OS update to reduce this risk quickly.

 

Business News

Nutifood Partners With GippsNature for First Product Launch, Eyeing Global Growth

The Victorian Government delegation joined discussions during the visit The first GippsNature product signals a new chapter in Vietnam - Australia dairy ties. A New Cross-Border Dairy Initiative ...

Daily Bulletin - avatar Daily Bulletin

5 Tips for Maintaining Outdoor Furniture in Rentals

Think outdoor furniture is low-maintenance? Tell that to the sun, the rain, and the occasional possum that decides to test it out. If you’re managing a property, that outdoor setup isn’t just for sho...

Daily Bulletin - avatar Daily Bulletin

Finding the Best Removalists in Geelong, Victoria: What You Need to Know

Moving to a new home or office can be both exciting and stressful. The process involves a lot of planning, coordination, and effort to ensure that everything runs smoothly. One of the most important d...

Daily Bulletin - avatar Daily Bulletin

Speed Dating For Business
hacklink hack forum hacklink film izle hacklink padişahbetholiganbetholiganbetbetkolikbetkolikbetkolikhiltonbetmeritkinggrandpashabetgrandpashabetelon musk ポルノ映画 hard moviemadridbetserra vuralnitrobahis