Summary

Total advisories:  852 ↑ (last month: 666) .

Important conclusions from this month report are:

• An all-time record count of advisories this month replacing July 2020 (772 advisories)
• Advisories for 82 unique vendors, 322 unique products and 409 unique product versions reported this month.
• Almost 58% of all vulnerabilities reported in this month have a “Remote Attack Vector” which is 16% more compared to last month.
• The Secunia Research Team reported 5 Extremely critical advisories this month.
• 10 Zero-Day Advisories reported, which is almost half (18) of what was reported last month.
• Microsoft Patch Tuesday reported 40 CVE’s, Secunia research team summarized these into 4 Advisories.
• Over 2,105 unique CVE’s (last month: 1,429) were covered in the 852 Advisories.
• Threat Intelligence indicates again that more Moderately Critical Vulnerabilities are targeted by hackers.
• More than half of all advisories are disclosed by 3 vendors (Red Hat 21.9%, SUSE 14.5%, Ubuntu 13.2%)
• F5, NetApp are contributing to more than 55 % of all Networking related Advisories.

Last month we reported that 71.32% of all Secunia Advisories had a Threat (exploits, malware, ransomware, etc.) associated with them, this month the number has been higher to 74.18%

Using Threat Intelligence is going to help you with prioritizing what needs to be patched immediately.

Software Vulnerability – and Patch Management is becoming more and more important.
Due to the ongoing Russia-Ukraine conflict , attacks on critical infrastructures in many countries are increasing.
Back in 2019 (just before Covid) patching was recommended within 30 days (or 14 days for CVSS score 7 or higher)
Right now , hackers can deploy exploits within 1 week and even within 24 hours . This means that organizations need to prioritize even better to quickly patch vulnerabilities (especially the ones with threats associated with them)