Hooray! More patches! The time has come again to apply patches, which will cause disruption and may even break systems where they need to deploy, particularly in Operational Technology (OT). It is good cybersecurity hygiene to apply patches in your own time frame after thorough testing and planning. Still, system administrators wish they could stop doing it or, at the very least, have more control over their security posture and mitigate the need for emergency patching 17 critical vulnerabilities. Whether you are protecting OT or IT, you need to manage the patching process.
So Many Patches. Let’s get patching!
Of the vulnerabilities to be patched, the ones of most concern are those that are being actively exploited, such as CVE-2020-1464, a “Windows Spoofing Vulnerability” that exists in virtually all supported versions of Windows. The vulnerability allows an attacker to bypass Windows security features and allow for the loading of improperly signed files.
Another vulnerability that is currently enjoying active exploitation is CVE-2020-1380. This vulnerability in Internet Explorer will result in a system compromise by simply browsing an attacker-controlled website.
As an additional advisory, a print spooler service vulnerability is available that allows an attacker or their malware to elevate their privileges on the compromised system from a non-administrative user. The exposure is CVE-2020-1337 and is considered to be one of the most critical vulnerabilities for the year. This advisory is unique because the new patch provides an updated “fix” for a different vulnerability that was previously patched for CVE-2020-1048. Microsoft found the patch for CVE-2020-1048 was incomplete, and in a Black Hat Security Conference talk this year, a demonstration was shown where the vulnerability persisted even after patching.
What You Should Do
The application of patches brings the risk of introducing disruptions, irregularities, or other system issues that cost organizations. Also, as shown in the CVE-2020-1337 vulnerability, patches applied may not entirely fix the problems announced.
Digital Immunity protects against all of the vulnerabilities listed above, reducing the risk of exploitation without the need to patch immediately. Digital Immunity will also protect systems where the patches are not sufficient to fix the vulnerability in full.
Digital Immunity offers a vital layer of defense within your defense-in-depth strategy. Consider Digital Immunity today for the protection of your systems.