Software vulnerabilities are an unfortunate part of working with technology. A developer puts out a software release with millions of lines of code. Then, hackers look for loopholes that allow them to breach a system through that code.
The developer issues a patch to fix the vulnerability. But it’s not long before a new feature update introduces more.
It’s like a game of “whack-a-mole” to keep your systems secure.
Without ongoing patch and update management, company networks are vulnerable. And these attacks are completely avoidable.
82% of U.S. cyberattacks in Q1 of 2022 were due to exploiting patchable vulnerabilities.
What new vulnerabilities are lurking in products from Microsoft, Google, Adobe, and others? We’ll go through several. These were recently noted in a warning by the Cybersecurity and Infrastructure Security Agency (CISA). Make sure to patch any of these vulnerabilities in your systems.
Microsoft Vulnerabilities
- CVE-2012-4969: An Internet Explorer vulnerability that allows remote code execution.
- CVE-2013-1331: This Microsoft Office flaw enables hackers to launch remote attacks.
- CVE-2012-0151: This Windows vulnerability allows user-assisted attackers to execute remote code.
Google Vulnerabilities
- CVE-2016-1646 & CVE-2016-518: These Chrome & Chromium engine vulnerabilities both allow attackers to conduct denial of service attacks.
Adobe Vulnerabilities
- CVE-2009-4324: This is a flaw in Acrobat that allows hackers to execute remote code via a PDF file.
- CVE-2010-1297: A Flash Player vulnerability that allows remote execution and denial of service attacks. (Flash Player is no longer supported, so you should remove it.)
Netgear Vulnerability
- CVE-2017-6862: This router flaw allows a hacker to execute code remotely.
Patch & Update Regularly!
These are a few of the security vulnerabilities on the CISA list. You can see all 36 that were added at https://www.cisa.gov
How do you keep your network safe from these and other vulnerabilities? You should patch and update regularly. Work with a trusted IT professional (like us) to manage your device and software updates. This ensures you don’t have a breach waiting to happen in your network.