Patch Them Bugs, Folks!

What is happening

The situation

• At the top of the list is CVE-2017-11882, an RCE vulnerability in Office. The memory bug is exploited to propagate data harvesting trojans.
• Another popular one is CVE-2017-0199, another RCE bug in Office used as an entryway for spyware and banking trojans.
• CVE-2012-0158 is an eight-year-old Windows ActiveX bug used for Dridex malware infections.
• Adobe Flash Player also appears on the list with CVE-2017-1043. This bug is used to spread Dogcall, a remote access trojan.
• An RCE bug in Drupal - CVE-2018-7600 - is used to spread Kitty, a cryptocurrency mining infection.

What the experts are saying

• According to the CISA, the main purpose behind sharing the list is to advise security personnel to prioritize the work on patching critical vulnerabilities in their environments in efforts to spoil attacks from foreign cyber actors.
• Bugs in Microsoft’s Object Linking and Embedding (OLE) technology are the most commonly exploited.

Worth noting

• The Equifax hack was caused by the exploitation of CVE-2018-5638, an RCE vulnerability in Apache Struts 2. 
• The latest bug title goes to CVE-2019-0604, SharePoint RCE vulnerability. This bug is used as the entryway for China Chopper and was also, connected to a reported hack in the UN.

In essence