Read The Times Australia

Daily Bulletin

November Patch Tuesday Commentary from Ivanti


By Chris Goettl, Vice President, Product Management, at Ivanti


Microsoft has resolved a total of 55 vulnerabilities (CVE’s) in the November Patch Tuesday release, six of which are rated as Critical. The updates include the normal lineup of Windows OS, Office, Azure, and some dev tools like Visual Studio. The more painful part is likely going to be the Exchange update which contains a fix for one of two exploited vulnerabilities this month. Along with the two Zero Day vulnerabilities there are also four publicly disclosed vulnerabilities. From a risk perspective let’s start with the most severe, the two zero days.

 

Microsoft resolved a Remote Code Execution vulnerability in Microsoft Exchange server (CVE-2021-42321) that has been confirmed to be exploited in the wild. The vulnerability is rated as Important by Microsoft likely because the attacker must be authenticated to be able to exploit the vulnerability. This is a good example of the limits of vendor severity and CVSS scoring and how more information is required to fully understand what to prioritize. Exchange updates often need to be tested more by exchange admins, but an exploit in the wild puts a tighter timeframe on admins to get this vulnerability resolved.

 

Microsoft resolved a Security Feature Bypass in Microsoft Excel (CVE-2021-42292) that has been confirmed to be exploited in the wild. The exploit does not require authentication but does require user interaction. The Preview Pane is not an attack vector in this case.

 

Microsoft resolved a pair of Information Disclosure vulnerabilities in Remote Desktop Protocol (CVE-2021-38631 and CVE-2021-41371)) that could allow an RDP server administrator to read Windows RDP client passwords. These two CVEs have been publicly disclosed, but no exploits have currently been observed. The vulnerabilities are only rated as Important and the fact that the attacker would need to be an RDP admin to exploit the information disclosures would make them seem lower priority, but there could be ways for an insider threat to gain access to users credentials they should not have as an example.

 

Microsoft resolved a pair of Remote Code Execution vulnerabilities in 3D Viewer (CVE-2021-43209 and CVE-2021-43208) that have been publicly disclosed. The 3D Viewer is a Microsoft Store app and should auto update itself. You can verify the package using PowerShell to be sure the update has been applied. 3D Viewer is one of those apps that was installed by default on fresh Windows installs, but Microsoft announced that fresh installs using Windows 10 build 21332 or later would no longer install Paint 3D or 3D Viewer by default.

 

The urgency this month is on Exchange and Office updates to resolve the two Zero Day vulnerabilities. Beyond these updates is a broader response to vulnerabilities that are known to be trending amongst threat actors.      BOD 22-01 was issued to drive federal agencies to mitigate actively exploited vulnerabilities, but any organization should be taking this as good guidance to improve their vulnerability management processes.

 

Organizations who adopt a risk-based approach to vulnerability management would identify vulnerabilities that find their way onto a list like this as part of their day-to-day vulnerability management activities. Risk-based analysis of the vulnerabilities in the DHS CISA advisory can help prioritize activities for organizations to respond to, starting with the worst of them first:

  • A total 287 CVEs are released in the alert
    • 32 of them are trending in the last 30 days where attackers are focused on targeting and advancing their tactics
    • 53 CVEs are actively used by Ransomware groups
    • 54 CVEs are used by Malware authors
    • 87 CVEs are capable of a Remote Code Execution
    • 166 CVEs are Weaponized

The focus should be Trending - Ransomware - Malware - RCEs – Weaponized. A Risk-Based Vulnerability Management solution provides this type of analysis out of the box helping prioritize actions quickly and efficiently.  

Business News

Australian organisations are relying on business continuity plans built for a far more predictable world

Tariff escalations, supply chain fragility, geopolitical events, and the ongoing threat of cyber disruption have reshaped the risk environment facing Australian organisations. The problem is that ma...

Daily Bulletin - avatar Daily Bulletin

How to Rent a Car for Uber in Melbourne: What Every New Driver Needs to Know

Starting out as an Uber driver in Melbourne is not as complicated as it sounds but getting the vehicle right is where most new drivers get stuck. Uber has strict requirements around vehicle age, condi...

Daily Bulletin - avatar Daily Bulletin

When Should You Speak to a Lawyer About a Legal Issue?

Legal issues can begin with a simple question, then become harder to manage once formal steps are involved. Many people wait until a matter feels urgent before seeking guidance, even though earlier ...

Daily Bulletin - avatar Daily Bulletin

The strategic rise of Bali as Australia’s next essential healthcare support hub

As Australian healthcare providers grapple with unprecedented operational bottlenecks, a new nearshore model is quietly transforming patient care delivery. Forward-thinking organisations,  including...

Daily Bulletin - avatar Daily Bulletin

Cost Savings and Benefits of Using Used Pallets in Logistics

In today’s competitive logistics and supply chain industry, businesses are constantly looking for ways to reduce operational costs without compromising efficiency and reliability. One of the most prac...

Daily Bulletin - avatar Daily Bulletin

How Fulfilment Services in Australia Help Businesses Scale Efficiently

The growth of e-commerce and modern retail has transformed customer expectations. Consumers now expect fast shipping, accurate order processing, and seamless delivery experiences regardless of where...

Daily Bulletin - avatar Daily Bulletin

Practical Ways Australian Workplaces Can Reduce Operating Costs

Reducing business costs doesn’t always mean cutting staff, shrinking services or making the workplace feel bare-bones. In many cases, the smarter savings are hiding in everyday operations: the light...

Daily Bulletin - avatar Daily Bulletin

Executive Recruitment Solutions That Help Organisations Secure Exceptional Leaders

Leadership has a direct impact on organisational performance, employee engagement, strategic growth, and long-term success. Businesses operating in increasingly competitive environments require experi...

Daily Bulletin - avatar Daily Bulletin

Why A WooCommerce Website Designer Matters For Online Growth

Running an online store today requires more than simply listing products and waiting for customers to arrive. Businesses need a website that is fast, reliable, easy to navigate, and designed to suppor...

Daily Bulletin - avatar Daily Bulletin

The Daily Magazine

The Hidden Engineering Problem Inside Australia's Older Housing Stock

A significant share of Australian homes were built for a way of living that no longer exists. Houses...

DIY Rodent Control Vs Professional Help: When Is It Time To Call The Experts?

Rodents are one of the most frustrating pest problems for Australian property owners. Rats and mic...

Lighting Shop in Perth: How The Right Lighting Can Transform Your Home And Business

The right lighting can completely change the look, feel, and functionality of any space. Whether it ...

Traffic Light System Solutions For Safer And More Efficient Traffic Management

Modern cities and growing communities rely heavily on effective traffic management to ensure safety...

Gold Migration Lawyers in Liquidation: How the Closure Affects Your ART Appeal

If your appeal was with Gold Migration Lawyers, a recent change to how the Tribunal decides cases ...

The pressure cooker: life in urban Australia in 2026

Australian cities have always been demanding. Long commutes, rising housing costs, busy schedules a...

What Actually Makes a Good Criminal Lawyer in Melbourne

Most people only think about this question once. That is usually too late. Most people charged wi...

Why Working With A Chatswood Tutor Can Improve Academic Performance

Academic expectations continue increasing for students across primary school, high school, and senio...

Is It Worth Getting Solar Panels in Melbourne?

The real question is not whether solar works in Melbourne. It works. The question is what it is co...