Microsoft releases patch for RCP vulnerability (why you need to act quickly)
source link: https://venturebeat.com/2022/04/16/microsoft-releases-patch-for-rcp-vulnerability-why-you-need-to-act-quickly/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Microsoft releases patch for RCP vulnerability (why you need to act quickly)
We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Earlier this week, Microsoft released 117 security patches for April patch Tuesday, including CVE-2022-26809, a CVSS 9.8 rated vulnerability In Remote Procedure Call (RPC) that enables an attacker to send an RPC call to an RPC host, and execute code on a remote server.
“It could allow an attacker to execute code with high privileges on an affected system,” said CrowdStrike Falcon Spotlight Team researchers in a recent blog post. “This vulnerability could be used for lateral movement by an attacker. We recommend that your team test and deploy this patch quickly as possible.”
For enterprises, this vulnerability, if left unpatched, could leave Windows servers vulnerable to compromise and enable a hacker to breach internal systems without any authentication process.
As a result, Microsoft recommends that enterprises take immediate action to block TCP 445 on their perimeter firewall to stop external attackers from leveraging the vulnerability and to follow Microsoft guidelines to secure SMB traffic with segmentation and isolation techniques.
How to scale to manage CVE vulnerabilities
While the RCP vulnerability may seem simple to patch and mitigate on the surface, historically, many organizations have struggled to deploy critical security patches until it’s too late.
In fact, research shows that 61% of security vulnerabilities that exist in corporate networks are from 2016 or even older, and hackers have used unpatched vulnerabilities to perpetrate some of the largest cyber attacks in history, including the WannaCry ransomware attack in 2017.
One of the key reasons why organizations fail to deploy security patches is that there are too many to manage. In 2021 alone, there were 18,378 vulnerabilities reported with 3,646 high-risk vulnerabilities.
With such a high number of vulnerabilities to mitigate, security teams struggle to scale if they don’t have access to a vulnerability management solution.
These solutions are critical as security analysts not only need to have the ability to identify vulnerabilities that exist throughout the environment, they also need the capability to manage and prioritize them.
The vulnerability management market
As more organizations find it difficult to keep up with the growing list of vulnerabilities, vulnerability management solutions aim to provide an automated solution for identifying and prioritizing the remediation of weaknesses throughout IT environments.
These solutions are growing increasingly popular to the extent that researchers expect the global security and vulnerability management market, valued at $13.8 billion in 2020, to reach $18.7 billion by 2026 as more organizations look to automated solutions to manage and prioritize vulnerabilities at scale.
One of the main providers in the market is Crowdstrike, which raised $1.45 billion in revenue last year, and offers a vulnerability management platform called Falcon Spotlight.
Falcon Spotlight provides enterprises with continuous vulnerability assessments throughout their environment, giving them the option to conduct real-time or historical scans and to filter by CVE vulnerabilities.
Competitor such as Rapid7 with InsightVM, a solution that enables security teams to scan vulnerabilities existing across endpoints, cloud and virtualized infrastructure, with a real-time dashboard view of discovered vulnerabilities and step-by-step remediation guidance.
Currently Rapid7 remains in a state of growth, reporting annual recurring revenue of $432.9 million, an increase of 28% year-on-year.
As a tool, InsightVM aims to differentiate themselves from competitors by using depth of vulnerability reporting on types of hosts, OS data, and discovered vulnerabilities, whereas CrowdStrike Falcon Spotlight puts more emphasis on endpoint protection, enabling users to automatically isolate high risk endpoints.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.
Recommend
-
5
NOT DEAD YET — Microsoft’s emergency patch fails to fix critical “PrintNightmare” vulnerability Game-over code-execution attacks are still possible even after fix is installed....
-
5
Apache releases Log4j patch to address new RCE vulnerability S...
-
2
Microsoft releases PowerToys 0.55.1 to patch issues with Settings not saving and more.
-
5
Aside from
-
4
GOT PATCHES? — Microsoft won’t say if it will patch critical Windows vulnerability under exploit Slow to act on the code execution bug from the start, company is still in n...
-
5
June Patch Tuesday: Microsoft fixes Follina vulnerability but not DogWalk...
-
10
It’s the second Tuesday of the month, which means only one thi...
-
4
-
4
-
4
Google releases patch for zero-day Chrome vulnerability
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK