Hello everyone! This time, let’s talk about recent vulnerabilities. I’ll start with Microsoft Patch Tuesday for September 2021. I created a report using my Vulristics tool. You can see the full report here.
The most interesting thing about the September Patch Tuesday is that the top 3 VM vendors ignored almost all RCEs in their reviews. However, there were interesting RCEs in the Office products. And what is most unforgivable is that they did not mention CVE-2021-38647 RCE in OMI – Open Management Infrastructure. Only ZDI wrote about this.
Continue reading