The Biggest Vulnerabilities Hackers are Acting on Right Now

types_of_cyber_security_vulnerabilities_6fb0fcc88d

In the first quarter of 2022, 82% of U.S. cyberattacks were the result of exploiting patchable vulnerabilities. Yet, it’s the sort of attack that’s completely preventable. 

We’re all aware that working with technology can result in software vulnerabilities. To release a piece of software, a developer must write millions of lines of code.

But, no matter how good the developers are, there’s almost always a few mistakes or issues. It’s these loopholes that hackers  attempt to exploit in order to gain access to your system.

When problems arise, developers issue patches to address vulnerabilities. Yet sometimes, a new update results in even more problems, when compatibility issues arise.

Sometimes, it can feel like you’re playing a game of “whack-a-mole” to keep your systems secure

Staying on top of the biggest vulnerabilities is a major priority for IT management firms. It is important to understand which operating systems and software are being attacked.

If not constantly managed for vulnerabilities and patching, your company’s networks remain at risk.

In a warning by the Cybersecurity and Infrastructure Security Agency (CISA), some of the biggest vulnerabilities included products from Microsoft, Google, Adobe, and more.

Let’s break down the biggest vulnerabilities hackers are exploiting, and what you can do to protect yourself.

Microsoft Vulnerabilities

Recently, it was discovered that three of Microsoft’s products contain vulnerabilities.

One of these programs is Internet Explorer (IE), which Microsoft discontinued in June of 2022. If you still have this installed on your computer, you should remove it immediately.

However, some of their more current products were also discovered to pose major risks, including Microsoft Office and Windows.

Note that in the vulnerability names, you’ll see the acronym “CVE”. This is a standard naming structure used in the industry, and stands for Common Vulnerabilities and Exposures.

  • CVE-2012-4969: This Internet Explorer vulnerability allows the remote execution of code. Currently, this vulnerability is rated “critical” because of the damage it enables. This attack can be released via a website by hackers. When hackers exploit this loophole, formerly safe websites can become phishing sites.

  • CVE-2013-1331: This is a flaw in the code for Microsoft Office 2003 and Office 2011 for MacBy exploiting a vulnerability in Microsoft’s buffer overflow function, hackers can launch remote attacks. Hackers are able to execute dangerous code remotely as a result of this.

  • CVE-2012-0151: This issue impacts the Authenticode Signature Verification function of WindowsAn attacker can use this vulnerability to execute remote code on a system with the assistance of a user. “User-assisted” means that the attacker must ask the user for assistance. That doesn’t mean your employees will do it willingly, though.

    Usually, it happens when innocent people make a simple mistake, like opening a malicious file attachment in a phishing email.

Two women staring at a computer who seem like they're pondering either clothing sales or small business cybersecurity. It's hard to tell.
Related: Small Businesses Attacked 3X More than Others (click image to read more)

Google Vulnerabilities

Google Chrome and its applications built using Google’s Chromium V8 Engine are also among the biggest vulnerabilities you’ll need to to take action on.

Two, in particular, CVE-2016-1646 & CVE-2016-518, both allow attackers to conduct denial of service attacks. Basically, they can flood your site with so much traffic that it crashes.

And, if your business relies on website traffic to help generate revenue, it can quickly end up costing you thousands, or even tens of thousands of dollars in lost sales.

But, those aren’t the only two code flaws that allow hackers to crash sites this way. You’ll want to make sure two other vulnerabilities are addressed, ASAP.

For instance, CVE-2018-17463 and CVE-2017-5070   both allow attackers to execute code remotely, which they can then use to exploit access to your networks.

Like the others, these both have patches available as an update, so make sure you verify your systems are up-to-date!

DoS denial of service attack breakdown
Related: What are Denial of Service Attacks? (Click image to learn more)

Adobe Vulnerabilities

Adobe Acrobat Reader is one of the most software platforms around, and plays a huge role in the business world.

And, because of its popularity, documents are commonly and routinely shared among employees, departments, and businesses. Unfortunately, it’s this routine and common nature that creates issues, as well.

Take, for instance, the following: 

  • CVE-2009-4324: There is a vulnerability in Acrobat Reader that allows hackers to execute remote code through PDF files. This is why you should never trust a PDF attachment to be safe. When you receive an email from an unknown sender, remember this.

  • CVE-2010-1297: There is a vulnerability in memory corruption. Adobe Flash Player allows remote execution and denial of service attacks. In the same way that IE was retired, Flash Player has been retired. Support and security updates are no longer available for it. So, you’ll want to make sure it’s uninstalled from all computers and websites.

Netgear & Cisco Vulnerabilities

NETGEAR is a world-reknowned company, manufacturing one of the most popular brands of wireless routers available. The company also sells other internet-connected devices.

But, even they aren’t immune to problems of their own.

Take for instance, the vulnerability known as CVE-2017-6862.

The flaw allows a hacker to execute code remotely, but also enables bypassing any necessary password authentication.

And, unfortunately, it’s present in a variety of NETGEAR products.

But Cisco, too, has issues of their own.

A recent vulnerability in the buffer overflow process of Cisco RV series routers offers hackers “root” privileges. This flaw, dubbed CVE-2019-15271, basically allows attackers to do whatever they please with your device, and execute any code they’d like.

Protect Against the Biggest Vulnerabilities with Patch Management Processes

Of course, there are always new vulnerabilities being discovered and exploited nearly every day. These are just a few of the biggest vulnerabilities that are listed on the CISA list.

(For a full breakdown of all 36 major issues added to the list, you can check it out right here.)

So, how do you keep your company safe from the biggest vulnerabilities like these?

To start with, patching and updating your software & hardware is a must. Along with basics, like strong password hygiene and effective training practices, updating your systems is one of the cornerstones of strong cybersecurity.

That said, it’s not always easy to keep up with all of the software updates your business requires. Though some software updates automatically (which can create problems of its own), most systems need regular checks and verifications.

Fortunately, you there’s no reason you need to go it alone.

Blue Bastion Cyber Security, along with our partner division, Ideal Integrations, can provide you with a customized patch management solution to fit your exact needs.

Simply contact us today at 412-349-6680, or fill out the form below for a no-obligation consultation.

And, as always, stay vigilant!

Secure Your Business With Blue Bastion - Contact Us Today!