- Flexera Community
- :
- Software Vulnerability Management
- :
- Software Vulnerability Management Blog
- :
- Monthly Vulnerability Review – June 2020
Monthly Vulnerability Review – June 2020
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Summary
501 advisories for 82 unique vendors in 354 products and 453 unique versions, while issued 111 rejected advisories. An 11% increase in the total number of advisories from the previous month.
Details of Secunia advisories are explained in this article.
Browsers
Three advisories were issued for Google Chrome. All were highly critical and had threat scores attached to them and exploits were linked to cyber attacks and historically linked to Penetration tools.
Two advisories for Mozilla Firefox and one for Internet explorer.
Call to Action
Keep your browsers updated due to exposure.
Secunia Advisory criticalities are further explained at this link
CVSS v3 is the industry standard to define the severity of the vulnerabilities, its exploitability, impact metrics, and environmental metrics.
The criteria for Threat Score calculation are outlined at this link.
Ransomware, Malware, and Exploit Kits:
When browsing a malicious page, a race condition in the SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
- Historically Linked to Ransomware: 9 (1.80%)
- Historically Linked to Malware: 78 (15.57%)
- Linked to a Recent Cyber Exploit: 43 (8.58%)
- Related to a Historical Cyber Exploits: 240 (47.90%)
- Included in Penetration Testing Tools: 216 (43.%)
Conclusion
The number of advisories increased in the month but similarly, 111 advisories were rejected which is 18% of total advisories. Secunia Research adds value by helping customers focus on high priority vulnerabilities and assets.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.