My fellow sysadmins, strengthen your resolve — for today, we find ourselves at the forefront of another Patch Tuesday. While millions of users go about their day as if it were any other Tuesday, dreaming of cheap tacos and the inevitable heartburn that follows, we are tasked with the most righteous cause of patch management. It is up to us to ensure updates are distributed to devices far and wide, strengthening our defense against the relentless threat of cyberattacks.
Now, as we embark upon this most virtuous quest, let us identify and highlight what patches are in store for us this month.
Total exploits patched: 155
Critical patches: 3
Already known or exploited: 1
Some highlights (or lowlights)
CVE-2024-29990: This month, we’ve got more Azure Kubernetes shenanigans afoot. It’s also our highest-rated CVE for the month at 9.0. We may sound like a broken record at this point, but if you are running a Confidential Container, make sure you are running the latest version of az confcom and Kata Image. If you’re not already running az confcom, you can install it by executing az extension add -n confcom
or update it with az extension update -n confcom
.
CVE-2024-26179: Among the highest-rated CVEs this month is this remote code execution (RCE) vulnerability targeting Windows Routing and Remote Access Service. With a network attack vector and a low attack complexity, the only thing keeping this from being rated higher is the fact that it requires user interaction in which they connect to a malicious server. I guess the question is how much do you trust your users?
CVE-2024-26257: Last highlight of the day goes to another RCE vulnerability targeting one of my favorite applications of all time, Excel. As with many of the vulnerabilities disclosed this month, this too requires user interaction. A user must execute the malicious code locally for the vulnerability to work. If you are a Mac user, be extra careful because a security update is not yet available, though Microsoft is currently working on a release.
Wrapping up
As you venture forth, know that I go with you — in spirit. But, if you’d like more help than that, we’ve got you covered. Check out PDQ Connect or PDQ Deploy & Inventory, which are designed to not only simplify but also automate your patch deployments. Make Patch Tuesday a thing of the past with the right tools. Download a free trial and worry less about Patch Tuesday — and more about Taco Tuesday.
Loading...