Monthly Archives

November 2020


Beginner’s Guide To Endpoint Security Software

By Patch Management


Endpoint security software can be a critical tool for defending your organization from cyber attacks, vulnerabilities, and ransomware.

In 2018, 62% of businesses experienced a cyber attack, and in the first half of 2019 data breaches exposed 4.1 billion records.

We know that cybersecurity is a problem, but often we don’t know what to do about it, and unfortunately, the statistics show that the vast majority of companies are not prepared for attacks.

And the cause is that most businesses simply don’t know what to do to counter the cyberattacks. The answer is endpoint security.

What is Endpoint Security?

Endpoint security, as the name suggests, refers to securing endpoints. What are endpoints? They are end-user devices, such as computers, laptops, tablets, phones–even smart watches. Any computer that someone uses, no matter how small it may appear, is susceptible to attack and must be secured.

Endpoint security software is used by businesses, as opposed to individuals and homes, who generally just use antivirus software. The difference between a home’s antivirus software and a business’s endpoint security is big, but the main and critical difference is that endpoint security software secures an entire network, with all of that network’s endpoints responding in unison, via the cloud, rather than independently.

What Does Endpoint Security Software Do?

When a threat is detected, the endpoint’s user is notified and the software kicks into gear, activating its automatic protective measures. Some of these capabilities include, but are not limited to, antivirus management, integrated firewalls, network access control, whitelisting, intrusion detection and response, and root cause analysis.

The faster a security software is able to counter a threat and begin remediation, the lower the chances are that the threat will both spread and expose more breaches. It lowers the risk of downtime, which lowers the cost of the attack.

What Threats Does Endpoint Security Software Address?

Phishing

Phishing is one of the most common types of cyberattack. The attacker pretends to be someone or something else, trying to get the user to click on a malicious link or enter sensitive data.

For example, a phishing attack may send an email that appears to be from a company you trust, giving you a link to go to their website and log in–but the email and website are fake, and by entering your login information you are handing over your login and password to the attacker. This type of attack has been used successfully to get access to corporate computers, to bank accounts, to email accounts, and much more.

Ransomware

Ransomware is an attack that targets the endpoint user’s files on their computer, encrypting them. Once the files have been encrypted, the user will get a ransom demand that they either pay a certain amount to regain access to their files, or the files will forever be lost. Often, these cyberattackers demand payment in the form of cryptocurrency like Bitcoin.

Data Theft

Perhaps the type of attack that gets the most news attention is data theft, where a cyberattacker will enter a user’s system and access data that belongs to the business. Often this data is customer data, including names, personal information, and payment information.

By doing this, the thieves can steal identities as well as sell the credit card or bank account numbers. These types of attack make the news because they impact so many people–often hundreds of millions of customers, such as in the Yahoo! breach, or the Equifax breach.

What’s the Difference Between Anti-Virus Software and Endpoint Security Software?

The main difference between anti-virus software and endpoint security software is in its scope. Anti-virus software will protect from many of the same things that endpoint security software does, but anti-virus software merely protects a single computer from these threats, its automated services locking down the computer and trying to isolate the problem.

While the anti-virus software may connect online to its company, like Norton or Kaspersky, and get information about the attack from them, it only solves the problem on that specific device.

Endpoint security software, on the other hand, protects the entire network, immediately going into defensive mode to find other malware and viruses. When one endpoint device is compromised, all of the devices are inspected.

Another difference is that endpoint security software is not necessarily installed on every computer, but is software attached to the network, whereas antivirus software is installed on each machine.

What Makes Endpoint Security Software So Important?

Endpoint security software is so important because businesses and organizations are under attack more than they ever have been before. Since 2014, security breaches have increased by 67%, and the average cost of a data breach is $3.92 million.

Some of the most notable breaches have been incredibly costly, such as the Equifax breach in 2017, which affected 147 million consumers and cost the company $4 billion.

And lest it be thought that these attacks only happen to big companies with millions of users, it is reported that 82% of small and medium sized businesses have had malware attacks that have successfully broken through their traditional antivirus solutions.

This problem is big, and it is expensive, both in dollars lost and in reputation damaged. And the problem is getting bigger all the time. Malware, viruses, and phishing attacks are all on the rise, and newer attacks, especially targeting mobile devices, are skyrocketing.

By getting an endpoint security system that is prepared for these attacks, companies are able to combat the threat of a single user accidentally infecting an entire workplace through one wrong click. It is far less expensive to act on this threat now, than wait until your computer system is the one under attack, being ransomed, or having been breached.

Experience the Power of Syxsense

Start a trial of Syxsense, which helps organizations from 100 to 100,000 endpoints secure and manage their environment, all from just a web browser.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

Syxsense Announces New Support for Amazon Web Service (AWS) Linux Devices

By Press Release


Syxsense has announced extended support of its cloud-native, real-time architecture to Amazon Web Service (AWS) Linux devices.

AWS Linux Devices Support

Syxsense, a global leader in SaaS IT and security management solutions, extends support of its cloud-native, real-time architecture to Amazon Web Service (AWS) Linux devices. AWS Linux assets are protected with a single lightweight agent allowing real-time patching and management from the Syxsense Management Cloud.

“With the addition of AWS Linux support, Syxsense now allows IT departments to manage and secure their entire premise, cloud and remote homeworking environment from a single easy-to-use SaaS tool,” commented Ashley Leonard, CEO Syxsense Inc.

In under 5 minutes, Syxsense customers can be up and running, managing their Windows, Mac, and Linux devices, whether on-premise, remote, or in the cloud, providing 100% visibility.

Once added to the console, Syxsense evaluates your exposed risk with dashboards, device health, and reports that prioritize the immediate or automatic remediation of issues to reduce an attack surface. Full patching support includes severity, content, inventory, troubleshooting tools, compliance proof and device status for all major Linux flavors in the RPM and DEB based Distributions including RedHat, Debian, Ubuntu, CentOS and AWS, among others.

Syxsense is offering free, fully-featured trials for up to 50 devices for 14 days. More information on the software and trial can be found here.


Syxsense Announces Vulnerability Dashboard as Demand for Securing Remote Workers Surges

By Press Release


Syxsense has announced the release of vulnerability dashboards which show an IT environment’s exposed risk for both software and security vulnerabilities.

Vulnerability Dashboards Release

Syxsense, a global leader in IT and security management solutions, announces the availability of vulnerability dashboards, which show an IT environment’s exposed risk for both software patches and security vulnerabilities. Within the vulnerability dashboards, Syxsense provides an immediate path to resolution and reduction of attack surface.

By providing telemetry of what is active and vulnerable at the endpoint level, Syxsense helps customers focus their remediation efforts on that which is actionable and manageable.

Vulnerability Dashboard Views

Overall environment with buttons to see open security issues, patch devices, details on the most needed patches or security families that leave devices most vulnerable.

View overall security details by family. Easily browse to Antivirus, backdoor, crypto mining and many other families. Syxsense categorizes risk to aid investigating and eliminating threats.

Syxsense is offering free, fully-featured trials for up to 50 devices for 14 days. More information on the software and trial can be found here.


Windows Kerberos Bug Fixed in November Out-of-Band Update

By Patch Management


Microsoft has fixed a bug for a bypass vulnerability in the Kerberos Key Distribution Center (KDC) security feature.

Kerberos Authentication Bug

A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). The update known as CVE-2020-17049 addresses this vulnerability by changing how the KDC validates service tickets used with KCD.

Once deployment of the patch has been made, the following manual steps are then available to fully resolve the vulnerability:

Post-Patch Action

Registry subkey: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Kdc

Reboot required: No

Value: PerformTicketSignature

Data type: REG_DWORD

  • 0 – This disables ticket signatures and your domains are not protected. Important: Do not use this setting until further notice. There is a known issue that could cause the S4USelf feature of Kerberos to become non-functional.
  • 1 – The fix is enabled on the domain controller but the DC does not require that tickets conform to the fix.
  • 2 – This enables the fix in required mode where all domains must be patched and all DCs require tickets with signatures.

Microsoft does not recommend using the 0 setting due to known issues with the S4USelf feature of Kerberos.
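
One way to audit the PerformTicketSignature value across domain controllers, as an added example that is not Syxsense or Microsoft code. The function names are hypothetical, the DC names in the usage comment are constructed, and remote reads assume PowerShell remoting (WinRM) is enabled; the setter accepts only 1 or 2, following the note above about 0.

```powershell
# Added example: audit and set the KDC PerformTicketSignature value described above.
# Assumption: PowerShell remoting (WinRM) is enabled to any remote DC passed in -ComputerName.
$KdcKey    = 'HKLM:\System\CurrentControlSet\Services\Kdc'
$ValueName = 'PerformTicketSignature'

# Meanings as listed in the article.
$ModeMeaning = @{
    0 = 'Ticket signatures disabled, domain not protected (do not use)'
    1 = 'Fix enabled, DC does not require tickets to conform'
    2 = 'Required mode, all DCs require tickets with signatures'
}

function Get-KdcTicketSignatureMode {
    [CmdletBinding()]
    param([string[]]$ComputerName = @($env:COMPUTERNAME))

    # Runs on the target machine; returns the DWORD, or nothing when the value is absent.
    $read = {
        param($Key, $Name)
        $item = Get-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item) { [int]$item.$Name }
    }

    foreach ($dc in $ComputerName) {
        $value  = $null
        $status = 'OK'
        try {
            if ($dc -eq $env:COMPUTERNAME) {
                $value = & $read $KdcKey $ValueName
            } else {
                $value = Invoke-Command -ComputerName $dc -ScriptBlock $read `
                    -ArgumentList $KdcKey, $ValueName -ErrorAction Stop
            }
        } catch {
            $status = "Unreachable: $($_.Exception.Message)"
        }

        if ($status -ne 'OK') {
            $meaning = 'Unknown'
        } elseif ($null -eq $value) {
            $meaning = 'Value not set'
        } elseif ($ModeMeaning.ContainsKey([int]$value)) {
            $meaning = $ModeMeaning[[int]$value]
        } else {
            $meaning = 'Unexpected data'
        }

        [pscustomobject]@{
            ComputerName = $dc
            Status       = $status
            Value        = $value
            Meaning      = $meaning
        }
    }
}

function Test-KdcModeConsistent {
    # Consistency check only: true when every DC was read and all report the same value.
    # A DC at 0, an unreadable DC, or mixed values should be resolved before moving to 2.
    param([Parameter(Mandatory)][object[]]$AuditResult)

    $unread = @($AuditResult | Where-Object { $_.Status -ne 'OK' })
    $atZero = @($AuditResult | Where-Object { $_.Value -eq 0 })
    $values = @($AuditResult | ForEach-Object { "$($_.Value)" } | Sort-Object -Unique)

    foreach ($r in $unread) { Write-Warning "$($r.ComputerName): $($r.Status)" }
    foreach ($r in $atZero) { Write-Warning "$($r.ComputerName): value is 0 (not protected)" }
    if ($values.Count -gt 1) { Write-Warning "Mixed values across DCs: $($values -join ', ')" }

    return ($unread.Count -eq 0 -and $atZero.Count -eq 0 -and $values.Count -eq 1)
}

function Set-KdcTicketSignatureMode {
    # Writes the value on the local DC. 0 is rejected; no reboot is required per the article.
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)][ValidateSet(1, 2)][int]$Mode)

    if ($PSCmdlet.ShouldProcess("$KdcKey\$ValueName", "Set to $Mode")) {
        New-ItemProperty -Path $KdcKey -Name $ValueName -PropertyType DWord `
            -Value $Mode -Force | Out-Null
    }
}

# Usage (constructed DC names):
#   $audit = Get-KdcTicketSignatureMode -ComputerName 'DC01', 'DC02'
#   $audit | Format-Table -AutoSize
#   if (Test-KdcModeConsistent -AuditResult $audit) { 'All DCs report the same value' }
#   Set-KdcTicketSignatureMode -Mode 1 -WhatIf
```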

How does this patch affect third-party Kerberos clients?

When the registry key is set to 1, patched domain controllers will issue service tickets and Ticket-Granting Tickets (TGTs) that are not renewable and will refuse to renew existing service tickets and TGTs. Windows clients are not impacted by this since they never renew service tickets or TGTs.

Third-party Kerberos clients may fail to renew service tickets or TGTs acquired from unpatched DCs. If all DCs are patched with the registry set to 1, third-party clients will no longer receive renewable tickets.

Customers using Syxsense Manage or Syxsense Secure will be able to find this patch by searching for CVE-2020-17049.


Identifying Endpoints with SolarWinds® Orion® Software

By News


There has been a significant hack linked to security vulnerabilities in SolarWinds® Orion® software.

Syxsense Allows Users to Scan for SolarWinds® Orion® Vulnerability

By now, everyone should be aware of the significant hack linked to security vulnerabilities in SolarWinds® Orion® software – https://www.solarwinds.com/securityadvisory.

The team at Syxsense has received requests asking if Syxsense Manage and Secure can help identify endpoints that might have SolarWinds software installed.

The Syxsense inventory scanner can quickly identify devices with SolarWinds software. Simply run an inventory query for SolarWinds or Inventory Software Report to see a list of all endpoints with SolarWinds software installed. Syxsense’s software distribution features can also be helpful to initiate uninstalls of SolarWinds.

The Syxsense Secure platform uses Syxsense Realtime functions to dynamically scan all endpoints for SolarWinds software, including scanning the hard drives in real-time to look for the compromised “SolarWinds.Orion.Core.BusinessLayer.dll” by name or file hash, quarantining devices to stop lateral movement and thereby protecting the network. With added security, Syxsense blocks the execution of SolarWinds software until a security evaluation of potentially exposed endpoints can be completed.

 

For technical details on how the SolarWinds compromise and SUNBURST backdoor work, we recommend reading a report from IT security company FireEye – https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html


Google Chrome 86.0.4240.198 Released to Fix Weaponized Threats

By News


Google's latest Chrome update to version 86.0.4240.198 closes two security flaws which are already being exploited.

Google Releases Fixes for Weaponized Threats

On November 11, 2020, Google updated the Google Chrome browser for Windows, macOS and Linux to version 86.0.4240.198. This update closes two security flaws which are already being exploited.

  • CVE-2020-16013: Inappropriate implementation
  • CVE-2020-16017: Use after free in site isolation

Both Syxsense and Google are recommending an urgent deployment of this version for all supported languages.

Keep Your Organization Protected

Customers of Syxsense Manage and Syxsense Secure can find these updates within the console.

Syxsense allows you to manage and secure vulnerabilities exposed by open ports, disabled firewalls, ineffective user account policies, and security compliance violations from remote workers.

Detecting software vulnerabilities isn’t enough—traditional security scanners only do half the job by identifying and tracking possible vulnerabilities and exposure without eliminating the risk.

With security scanning and patch management in a single console, our vulnerability scanning feature not only shows you what’s wrong, but also deploys the solution. Gain visibility into OS and third-party vulnerabilities while increasing cyber resilience through automated patching and security scans.


Syxsense Announces New European Expansion

By Press Release


As Syxsense continues to expand internationally, language support has been added for France, Germany, Italy, Spain and Portugal.

Syxsense Adds New Global Offering

ALISO VIEJO, Calif., November 12, 2020 – Syxsense, a global leader in IT and security management solutions, announces support for five new European languages.

As Syxsense continues to expand internationally, supporting larger global customers, they’ve added additional language support for France, Germany, Italy, Spain and Portugal. Support for the new countries will be delivered from Syxsense’s European headquarters in the U.K.

The additional languages supported by Syxsense expand its already global footprint. Syxsense currently has offices in the US, UK and Australia, supporting clients in Asia, Africa, Europe and the Americas.

How Syxsense Keeps Remote Workers Secure

Support for the new languages comes at a time when millions of workers are remote due to Coronavirus lockdowns, creating a cyber security risk. Several clients recently reviewed Syxsense on Gartner-owned Capterra, commenting on Syxsense’s ability to manage and secure remote workers:

  • “I’ve been able to address Windows patching for staff who no longer come into our network due to Covid-19, as well as software patching capabilities. Remote management has also been helpful as well as basic system review/maintenance in the background without the user’s input.” – Director of IT, Hospital & Health Care
  • “Being able to monitor inventory, processes, patching and queries in real-time have really helped keep our environment secure and up to date. This has been very important as remote working has increased across the board.” – IT Desktop Administrator, Non-Profit Organization Management
  • “We were starting to see issues keeping our devices up to date prior to Covid but when Covid hit and we were no longer seeing devices in the office. Syxsense was a life saver! It has allowed us to keep eyes on our devices and ensure that they are fully patched against vulnerabilities. The remote-control feature has allowed us to get to devices that we can’t access via VPN.” – Systems Administrator, Utilities
  • “Our company had a problem with management of users working from home. If they did not connect to VPN there was not a lot we could do to keep the machine patched and secure. Ever since we installed the Syxsense agent on all our machines we can keep them up to date and connect to them with one click from the dashboard.” – Systems Administrator, Computer Software

Syxsense is offering free, fully-featured trials for up to 100 devices for 14 days. More information on the software and trial can be found here.


Watch the Webcast: November Patch Tuesday

By Patch Management, Patch Tuesday

Watch the Webcast: What You Need to Know For November Patch Tuesday

Watch this week's webcast to hear IT industry experts discuss strategies for tackling Microsoft's November Patch Tuesday updates.

November Patch Tuesday 2020

What’s your November patch strategy?

Our webcast will show you how to prioritize the latest updates for this month’s Microsoft Patch Tuesday. We’ll do a deep dive into each of the bulletins and show you how to navigate the risks of newly-identified vulnerabilities.

Our team of IT management experts have deployed over 100 million patches. Watch our free webinar to get industry-leading patch management strategies delivered right to your desk.

View the Webcast

What You Need to Know: November Patch Tuesday

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.


November Patch Tuesday 2020 Fixes 112 Vulnerabilities

By Patch Management, Patch Tuesday


November Patch Tuesday has arrived with over 100 vulnerabilities remediated, including an actively exploited Windows Kernel flaw.

November Patch Tuesday Arrives with 112 Fixes

There were 112 vulnerabilities remediated, including 17 Critical, 93 Important and 2 marked Low. Microsoft fixed 25 more vulnerabilities this month than in October’s Patch Tuesday, and one of them is a weaponized threat that should be resolved urgently.

Security updates are also released for Microsoft Office, Internet Explorer, Microsoft Edge, Microsoft Exchange Server, Microsoft Dynamics, Microsoft Windows Codecs Library, Azure Sphere, Windows Defender, Microsoft Teams, Azure SDK, Azure DevOps and Visual Studio.

There are also a lot of Windows 7 and Windows Server 2008 (including R2) vulnerabilities for anyone who has subscribed to extended support: Windows 7 and Windows Server 2008 (including R2) each have 20 vulnerabilities, 2 Critical and 18 Important.

Robert Brown, Director of Services for Syxsense said, “Along with Microsoft, Adobe fixed 14 bugs last week for Acrobat and Reader and fixed 3 additional bugs for Reader (Android) and Adobe Connect. These issues have been given a Priority 2 which means Adobe is recommending deployment of patches within 30 days.”

Top November Patches and Vulnerabilities

CVE-2020-17087: Windows Kernel Local Elevation of Privilege Vulnerability – this vulnerability is both Weaponized and Publicly Aware. Combined with its CVSS score of 7.8 and the lack of a countermeasure, it should be remediated immediately.

  • Buffer overflow vulnerability in the Windows Kernel, initially made Public Aware when it was used to expose Google Chrome Zero Day in October. This is a very serious issue as the overflow allowed a hacker to break out of the sandbox.
  • Affects Windows 7, 8, 10 & Windows Server 2008, 2012, 2016
  • Workaround: None
  • Reboot: Maybe

CVE-2020-17051: Windows Network File System Remote Code Execution Vulnerability – has a CVSS score of 9.8 making this one of the top 3 highest vulnerabilities to prioritize this month, no countermeasure is available.

  • This vulnerability will impact companies who use Windows and Linux for file sharing. If exploited, it could cause a Blue / Black Screen failure with the NFS driver or allow code execution.
  • Exploitation: More Likely where NFS is used
  • Affects Windows Server 2008, 2012, 2016, 2019 Core
  • Workaround: None
  • Reboot: Maybe

CVE-2020-17042: Windows Error Reporting Elevation of Privilege Vulnerability – has a CVSS score of 8.8 with no countermeasure and does not require complex access or user privilege.

  • Severity: Critical
  • Affects Windows 7, 8, 10 & Windows Server 2008, 2012, 2016
  • Workaround: None
  • Reboot: Maybe

Syxsense Recommendations

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below which you should prioritize this month; please pay close attention to any of these which are Publicly Aware and / or Weaponized.

 

| CVE Reference | Description | Vendor Severity | CVSS Score | Weaponised | Publicly Aware | Countermeasure | Syxsense Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2020-17087 | Windows Kernel Local Elevation of Privilege Vulnerability | Important | 7.8 | Yes | Yes | No | Yes |
| CVE-2020-17051 | Windows Network File System Remote Code Execution Vulnerability | Critical | 9.8 | No | No | No | Yes |
| CVE-2020-17042 | Windows Print Spooler Remote Code Execution Vulnerability | Critical | 8.8 | No | No | No | Yes |
| CVE-2020-17061 | Microsoft SharePoint Remote Code Execution Vulnerability | Important | 8.8 | No | No | No | Yes |
| CVE-2020-17084 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 8.5 | No | No | No | Yes |
| CVE-2020-16970 | Azure Sphere Unsigned Code Execution Vulnerability | Important | 8.1 | No | No | No | Yes |
| CVE-2020-17016 | Microsoft SharePoint Spoofing Vulnerability | Important | 8 | No | No | No | Yes |
| CVE-2020-17105 | AV1 Video Extension Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-17101 | HEIF Image Extensions Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-17106 | HEVC Video Extensions Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-17107 | HEVC Video Extensions Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-17108 | HEVC Video Extensions Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-17109 | HEVC Video Extensions Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-17110 | HEVC Video Extensions Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-17078 | Raw Image Extension Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-17079 | Raw Image Extension Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-17082 | Raw Image Extension Remote Code Execution Vulnerability | Critical | 7.8 | No | No | No | Yes |
| CVE-2020-17053 | Internet Explorer Memory Corruption Vulnerability | Critical | 7.5 | No | No | No | Yes |
| CVE-2020-17052 | Scripting Engine Memory Corruption Vulnerability | Critical | 7.5 | No | No | No | Yes |
| CVE-2020-17058 | Microsoft Browser Memory Corruption Vulnerability | Critical | 7.5 | No | No | No | Yes |
| CVE-2020-16988 | Azure Sphere Elevation of Privilege Vulnerability | Critical | 6.9 | No | No | No | Yes |
| CVE-2020-17048 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical | 4.8 | No | No | No | Yes |
| CVE-2020-17010 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-17038 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-17088 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | Yes |
| CVE-2020-17019 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17064 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17065 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17066 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17067 | Microsoft Excel Security Feature Bypass Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17062 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17086 | Microsoft Raw Image Extension Information Disclosure Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17091 | Microsoft Teams Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17104 | Visual Studio Code JS Hint Extension Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17012 | Windows Bind Filter Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17024 | Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17068 | Windows GDI+ Remote Code Execution Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17035 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17011 | Windows Port Class Library Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17041 | Windows Print Configuration Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17001 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17014 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17025 | Windows Remote Access Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17026 | Windows Remote Access Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17027 | Windows Remote Access Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17028 | Windows Remote Access Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17031 | Windows Remote Access Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17032 | Windows Remote Access Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17033 | Windows Remote Access Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17034 | Windows Remote Access Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17043 | Windows Remote Access Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17044 | Windows Remote Access Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17055 | Windows Remote Access Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17070 | Windows Update Medic Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17073 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17074 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17076 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17077 | Windows Update Stack Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17075 | Windows USO Core Worker Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-17037 | Windows Wallet Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | No | |
| CVE-2020-16997 | Remote Desktop Protocol Server Information Disclosure Vulnerability | Important | 7.7 | No | No | No | |
| CVE-2020-16992 | Azure Sphere Elevation of Privilege Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2020-17047 | Windows Network File System Denial of Service Vulnerability | Important | 7.5 | No | No | No | |
| CVE-2020-16984 | Azure Sphere Unsigned Code Execution Vulnerability | Important | 7.3 | No | No | No | |
| CVE-2020-16987 | Azure Sphere Unsigned Code Execution Vulnerability | Important | 7.3 | No | No | No | |
| CVE-2020-16991 | Azure Sphere Unsigned Code Execution Vulnerability | Important | 7.3 | No | No | No | |
| CVE-2020-16994 | Azure Sphere Unsigned Code Execution Vulnerability | Important | 7.3 | No | No | No | |
| CVE-2020-17057 | Windows Win32k Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-16998 | DirectX Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-17007 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | 7 | No | No | No | |
| CVE-2020-17063 | Microsoft Office Online Spoofing Vulnerability | Important | 6.8 | No | No | No | |
| CVE-2020-17049 | Kerberos Security Feature Bypass Vulnerability | Important | 6.6 | No | No | No | |
| CVE-2020-17040 | Windows Hyper-V Security Feature Bypass Vulnerability | Important | 6.5 | No | No | No | |
| CVE-2020-16986 | Azure Sphere Denial of Service Vulnerability | Important | 6.2 | No | No | No | |
| CVE-2020-16985 | Azure Sphere Information Disclosure Vulnerability | Important | 6.2 | No | No | No | |
| CVE-2020-16990 | Azure Sphere Information Disclosure Vulnerability | Important | 6.2 | No | No | No | |
| CVE-2020-17085 | Microsoft Exchange Server Denial of Service Vulnerability | Important | 6.2 | No | No | No | |
| CVE-2020-16981 | Azure Sphere Elevation of Privilege Vulnerability | Important | 6.1 | No | No | No | |
| CVE-2020-16982 | Azure Sphere Unsigned Code Execution Vulnerability | Important | 6.1 | No | No | No | |
| CVE-2020-16983 | Azure Sphere Tampering Vulnerability | Important | 5.7 | No | No | No | |
| CVE-2020-17083 | Microsoft Exchange Server Remote Code Execution Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17081 | Microsoft Raw Image Extension Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17000 | Remote Desktop Protocol Client Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17100 | Visual Studio Tampering Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17102 | Web Image Extensions Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17013 | Win32k Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17113 | Windows Camera Codec Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17029 | Windows Canonical Display Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17071 | Windows Delivery Optimization Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17036 | Windows Function Discovery SSDP Provider Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17004 | Windows Graphics Component Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17045 | Windows Kernel Stream Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17030 | Windows MSCTF Server Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17069 | Windows NDIS Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-17056 | Windows Network File System Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-1599 | Windows Spoofing Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-16999 | Windows Wallet Service Information Disclosure Vulnerability | Important | 5.5 | No | No | No | |
| CVE-2020-1325 | Azure DevOps Server and Team Foundation Services Spoofing Vulnerability | Important | 5.4 | No | No | No | |
CVE-2020-16989 Azure Sphere Elevation of Privilege Vulnerability Important 5.4 No No No
CVE-2020-16993 Azure Sphere Elevation of Privilege Vulnerability Important 5.4 No No No
CVE-2020-17005 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important 5.4 No No No
CVE-2020-17006

Patch Now: Cisco Webex Meetings Vulnerability

By News

Cisco Urges Users to Patch for Webex Vulnerability

Cisco has found a flaw in the Cisco Webex Meetings Virtual Desktop App for Windows that allows attackers to execute arbitrary code with the user’s privileges.

Cisco explains, “A successful exploit could allow the attacker to modify the underlying operating system configuration, which could allow the attacker to execute arbitrary code with the privileges of a targeted user.”

Cisco’s Product Security Incident Response Team has not yet seen any attacks in the wild, but with so many remote workers due to COVID, organizations could be exposed.

Cisco has given the bug a severity rating of 7.3 out of a possible 10 and tracks it as CVE-2020-3588.

Cisco is also urging customers to update Webex Meetings sites and Webex Meetings Server due to vulnerabilities affecting the Webex Network Recording Player for Windows and Webex Player for Windows.

“Understanding your environment’s exposure, not only to operating system vulnerabilities, but also critical third-party applications like Cisco Webex, is vital to ensure IT compliance and security. Advanced patch and vulnerability management technology like Syxsense closes potential routes of exposure even in remote worker environments we see today with COVID,” commented Ashley Leonard, CEO of Syxsense Inc.
