Get a free 30-day trial of Tenable.io Vulnerability Management.After you deploy Microsoft Edge using SCCM, you may want to measure the usage of the Edge browser. Learn more about Tenable, the first Cyber Exposure platform for holistic management of your modern attack surface. Join Tenable's Security Response Team on the Tenable Community.
Tenable plugins for Microsoft September 2021 Patch Tuesday Security Updates.Microsoft's September 2021 Security Updates.As always, we recommend patching systems as soon as possible and regularly scanning your environment to identify those systems yet to be patched. Here’s an example from Tenable.io:Ī list of all the plugins released for Tenable’s September 2021 Patch Tuesday update can be found here. Disable the whole family before selecting the individual plugins for this scan. Note: If your families on the left say Enabled, then all the plugins in that family are set. With that filter set, click the plugin families to the left and enable each plugin that appears on the right side. From a new advanced scan, in the plugins tab, set an advanced filter for Plugin Name contains September 2021. Users can create scans that focus specifically on our Patch Tuesday plugins. As Win32k is a core component of Windows, applying the necessary cumulative patches for your version of Windows is strongly recommended. With an assigned CVSS score of 7.8 and exploitability rating of “Exploitation More Likely,” attackers are expected to leverage this flaw to elevate account privileges of low privileged local user accounts. Windows Ancillary Function Driver for WinSockĮlevation of privilege (EoP) vulnerabilities accounted for 41.7% of the vulnerabilities patched this month, followed by remote code execution (RCE) vulnerabilities at 26.7%.ĬVE-2021-36975 and CVE-2021-38639 | Win32k Elevation of Privilege VulnerabilityĬVE-2021-36975 and CVE-2021-38639 are EoP vulnerabilities found in Win32k, the kernel-mode subsystem that provides graphical (GUI) content functionality in Windows.Microsoft Accessibility Insights for Android.This month's Patch Tuesday release includes fixes for: This is the seventh time in 2021 that Microsoft has patched fewer than 100 vulnerabilities in a Patch Tuesday release, a stark contrast to 2020, which featured eight months where over 100 CVEs were patched. Microsoft patched 60 CVEs in the September 2021 Patch Tuesday release, including four CVEs rated as critical and 56 rated as important. Microsoft addresses 60 CVEs in its September 2021 Patch Tuesday release, along with patches for a critical vulnerability in its MSHTML (Trident) engine that was first disclosed in an out-of-band advisory on September 7.
0 kommentar(er)
