Tag Archives: Tenable

Microsoft Patch Tuesday August 2022: DogWalk, Exchange EOPs, 13 potentially dangerous, 2 funny, 3 mysterious vulnerabilities

Hello everyone! In this episode, let’s take a look at the Microsoft Patch Tuesday August 2022 vulnerabilities. I use my Vulristics vulnerability prioritization tool as usual. I take comments for vulnerabilities from Tenable, Qualys, Rapid7, ZDI and Kaspersky blog posts. Also, as usual, I take into account the vulnerabilities added between the July and August Patch Tuesdays.

Alternative video link (for Russia): https://vk.com/video-149273431_456239098

There were 147 vulnerabilities. Urgent: 1, Critical: 0, High: 36, Medium: 108, Low: 2.

There was a lot of great stuff this Patch Tuesday. There was a critical exploited in the wild MSDT DogWalk vulnerability, 3 critical Exchange vulnerabilities that could be easily missed in prioritization, 13 potentially dangerous vulnerabilities, 2 funny vulnerabilities and 3 mysterious ones. Let’s take a closer look.

Continue reading

Vulnerability Management news and publications #2

Hello everyone! This is the second episode of Vulnerability Management news and publications. In fact, this is a collection of my posts from the avleonovcom and avleonovrus telegram channels. Therefore, if you want to read them earlier, subscribe to these channels.

The main idea of ​​this episode. Microsoft is a biased company. In fact, they should now be perceived as another US agency. Does this mean that we need to forget about Microsoft and stop tracking what they do? No, it doesn’t. They do a lot of interesting things that can at least be researched and copied. Does this mean that we need to stop using Microsoft products? In some locations (you know which ones) for sure, in some we can continue to use such products if it is reasonable, but it’s necessary to have a plan B. And this does not only apply to Microsoft. So, it’s time for a flexible approaches. Here we do it this way, there we do it differently. It seems that rather severe fragmentation of the IT market is a long-term trend and it’s necessary to adapt to it.

Alternative video link (for Russia): https://vk.com/video-149273431_456239097

What’s in this episode:

  1. Microsoft released a propaganda report, what does this mean for us?
  2. Microsoft released the Autopatch feature, is it a good idea to use it?
  3. Ridiculous Vulnerability: Hardcoded Password in Confluence Questions
  4. The new Nessus Expert and why it’s probably Tenable’s worst release
  5. Rapid7 Nexpose/InsightVM features added in Q2 2022: what’s good and what’s weird
  6. Palo Alto: Malicious scan 15 minutes after CVE is released. Oh really?
  7. 6 groups of vulnerabilities that are most often used in attacks, according to Palo Alto, and the end of IT globalization
Continue reading

Microsoft Patch Tuesday July 2022: propaganda report, CSRSS EoP, RPC RCE, Edge, Azure Site Recovery

Hello everyone! Microsoft has been acting weird lately. I mean the recent publication of a propaganda report about evil Russians and how Microsoft is involved in the conflict between countries. It wouldn’t be unusual for a US government agency, NSA or CIA to publish such a report. But when a global IT vendor, which, in theory, should be more or less neutral, does this… This is a clear signal. It’s not about business anymore.

Alternative video link (for Russia): https://vk.com/video-149273431_456239096

I’ll take a closer look at this report in the next episode of the Vulnerability Management news, but for now let’s take a look at Microsoft July Patch Tuesday. Yes, the vendor is behaving strangely, but Microsoft products need to be patched. Right? At least for now. And tracking vulnerabilities is always a good thing. 🙂

Continue reading

AM Live Vulnerability Management Conference 2022: my impressions and position

Hello everyone! This episode will be about the AM Live Vulnerability Management online conference. I participated in it on May 17th.

Alternative video link (for Russia): https://vk.com/video-149273431_456239090

The event lasted 2 hours. Repeating everything that has been said is difficult and makes little sense. Those who want can watch the full video or read the article about the event (both in Russian). Here I would like to share my impressions, compare this event with last year’s and express my position.

Continue reading

Microsoft Patch Tuesday April 2022 and custom CVE comments sources in Vulristics

Hello everyone! This episode will be about Microsoft Patch Tuesday for April 2022 and new improvements in my Vulristics project. I decided to add more comment sources. Because it’s not just Tenable, Qualys, Rapid7 and ZDI make Microsoft Patch Tuesday reviews, but also other security companies and bloggers.

Alternative video link (for Russia): https://vk.com/video-149273431_456239085

You can see them in my automated security news telegram channel avleonovnews after every second Tuesday of the month. So, now you can add any links with CVE comments to Vulristics.

Continue reading

CISO Forum 2022: the first major Russian security conference in the New Reality

Hello everyone! After a two-year break, I took part in Moscow CISO Forum 2022 with a small talk “Malicious open source: the cost of using someone else’s code”.

Alternative video link (for Russia): https://vk.com/video-149273431_456239084

CISO Forum is the first major Russian conference since the beginning of The New Reality of Information Security (TNRoIS). My presentation was just on this topic. How malicious commits in open source projects change development and operations processes. I will make a separate video about this (upd. added Malicious Open Source: the cost of using someone else’s code). In this episode, I would like to tell you a little about the conference itself.

Continue reading

Microsoft Patch Tuesday February 2022

Hello everyone! This episode will be about Microsoft Patch Tuesday for February 2022. I release it pretty late, because of the my previous big episode about the blindspots in the Knowledge Bases of Vulnerability Scanners. Please take a look if you haven’t seen it. Well, if you are even slightly interested in the world news, you can imagine that the end of February 2022 in Eastern Europe is not the best time to create new content on Vulnerability Management. Let’s hope that peace and tranquility will be restored soon. And also that geopolitical confrontation between the largest nuclear powers will de-escalate somehow.

But let’s get back to information security. While working on Microsoft Patch Tuesday report for February 2022, I made a lot of improvements to my open source project for vulnerability prioritization Vulristics. I want to start with them.

Continue reading