Toward the end of March, a new vulnerability was discovered in Windows operating systems. This remote code execution vulnerability could allow a cyberattacker to compromise her victim’s computer with just one click on a malicious document. Shortly after it was discovered, groups of hackers were spotted exploiting this vulnerability to carry out attacks. Microsoft has yet to release a patch to remedy this vulnerability.

However, even vulnerabilities that already have a patch to fix them can pose a danger. Over the last few months, there have been multiple attempts to exploit vulnerabilities in several applications in order to carry out ransomware attacks on hospitals. The interesting thing in this case is that the vulnerabilities exploited already had patches available.

Vulnerabilities are a serious danger to the cybersecurity of all kinds of organizations. Among the cyberincidents that were possible because of vulnerabilities in systems or popular applications are the global WannaCry ransomware attacks, the data breach in Equifax, or the massive ransomware attack on the Norwegian company Norsk Hydro. In fact, over 90% of successful cyberattacks today could have been prevented by applying a patch to a vulnerability.

Forearmed is forewarned

Patches are a key weapon in the fight against cybercrime. To be able to apply the right patch, it is essential to know which vulnerabilities are the most critical so as to be able to prioritize updates. To this end, Panda Security has created a portal where you can see the most important vulnerabilities..

“Top vulnerabilities 2020” is a list of the most notable vulnerabilities discovered in 2020, affecting the Windows operating system. The list has six columns that provide details about each vulnerability.

  • CVE: The CVE (Common Vulnerabilities and Exposures) number This system is the standard for identifying vulnerabilities, developed by the non-profit organization MITRE. Each vulnerability is assigned an identification number.
  • Vendor: The company that manufactures the software affected by the vulnerability.
  • Title: A description of the affected software and where it is affected by the vulnerability.
  • Included: The date when the vulnerability was published.
  • CVS V2/V3 Base Score: CVS is the Common Vulnerability Scoring System. This score provides a metric that evaluates the impact that a vulnerability may have on an organization suffering from this vulnerability. All of the vulnerabilities on Panda Security’s list have a minimum score of 7.
  • Description: A brief description of the vulnerability and an explanation of how a cyberattacker could exploit it.

The importance of patches

Knowing what problems you have to deal with is useful, but it is not enough. To ensure a correct cybersecurity posture, it is important to keep your system updated and to ensure you have the relevant patches installed at all times.

Panda Patch Management is a solution that manages all the patches and updates necessary to ensure that your organization is protected. It automatically searches for the patches necessary to keep your company’s computers protected, prioritizing the most urgent updates and scheduling their installation. Pending patches are reported, even when exploits and malware have been detected.

Panda Patch Management immediately launches these patches and updates, or they can be scheduled from the console. Computers can also be isolated if necessary. This way, you can manage patches and updates to ensure that your company runs smoothly, completing your protection system to fully protect your assets. Find out more about Panda Patch Management here.

Vulnerabilities are an inevitable constant in the world of cybersecurity. The best way to protect against them is to be aware of them and apply the right patches.

Having a solution like Panda Patch Management is another cog in the advanced security architecture provided by Panda Adaptive Defense. Not only does it reinforce key prevention capacities, helping to dramatically reduce the attack surface, it also facilitates a rapid isolation of compromised computers, applying updates in real time with just one click.