Summary of Monthly Vulnerability Insights:
July reported more advisories than June, which had seen a sudden dip (the first half of the year showed a continued monthly increase until June).
The Log4j vulnerability is still being detected/reported by vendors after almost 8 months:
- IBM Operations Analytics
- IBM Tivoli Network IP Edition
- IBM Enterprise Content Management System Monitor
The trend that we’ve seen for the last few months, with hackers focusing on Low and Medium Vulnerabilities, has increased again (with May being an exception). These Moderate and Less Critical Vulnerabilities are normally not a priority for many organizations, but please make sure you include Threat Intelligence in your Software Vulnerability Management Process to improve your prioritization.
Important conclusions from this month's report are:
- 2 extremely critical advisories were reported (Google Chrome and Microsoft Edge; both are also Zero-Days)
- 8 Zero-Day Advisories were reported (6x Microsoft OS, 1x Google Chrome, 1x Microsoft Edge)
- Over 2,645 CVEs were covered in the 548 Advisories, which is more than double last month's number (1,281).
- Threat Intelligence indicates that more Medium and Low Vulnerabilities are targeted by hackers.
- Most vulnerabilities (57.34%) are disclosed by IBM, SUSE, Ubuntu (Canonical), Oracle, and Amazon.
  (Red Hat is outside the top 5 / top +50% this month.)
Last month we reported that 62.60% of all Secunia Advisories had a Threat (exploits, malware, ransomware, etc.) associated with them. This month the number has been slightly lower to 64.23%↓, with an increase in the lower and medium criticality range.
Using Threat Intelligence is going to help you with prioritizing what needs to be patched immediately.
Software Vulnerability and Patch Management is becoming more and more important.
Due to the ongoing Russia-Ukraine conflict, attacks on critical infrastructure in many countries are increasing.
Back in 2019 (just before Covid), patching was recommended within 30 days (or 14 days for a CVSS score of 7 or higher).
Right now, hackers are able to deploy exploits within 1 week and even within 24 hours. This means that organizations need to prioritize even better to quickly patch vulnerabilities (especially the ones with threats associated with them).