Qualys Blog

www.qualys.com
wkandek

US-CERT: Top 30 Vulnerabilities

On April 29, 2015 US-CERT published TA15-119A which describes the Top 30 vulnerabilities that critical infrastructure organizations should focus on because they are under attack all the time. The list contains Windows, Internet Explorer, Adobe Software from Reader, Flash to Cold Fusion, Java from Oracle and others and is quite similar to the more generic set of software packages published by the German BSI last December.

Here is a list of the vulnerabilities in the advisory. I have reordered and optimized where possible for efficient scanning with Qualys, for example listing the most recent patch first to take advantage of superseding patches:

  • Windows: MS14-060 for CVE-2014-4114, Qualys ID: 90979
  • Internet Explorer: MS14-021 for CVE-2014-1776, Qualys ID: 100191
    • MS14-012 for CVE-2014-0322
    • MS13-038 for CVE-2013-1347
    • MS13-008 for CVE-2012-4792
    • MS10-018 for CVE-2010-0806
    • MS09-072 for CVE-2002-3674
    • CVE-2006-3227
  • Adobe Reader: APSB13-15 for CVE-2013-2729, Qualys ID: 121276
    • APSB11-30 for CVE-2011-2462
    • APSB11-07 for CVE-2011-0611
    • APSB10-21 for CVE-2010-2883
    • APSB10-07 for CVE-2010-0188
    • APSB10-02 for CVE-2009-3953
  • Adobe Flash: APSB14-22 for CVE-2014-0564, Qualys ID: 122742
    • APSB11-08 for CVE-2011-0611
  • Oracle Java: CPU June 2013 for CVE-2013-2469, Qualys ID: 121279
    • CPU June 2012 for CVE-2012-1723
  • Microsoft Office: MS14-017 for CVE-2014-1761, Qualys ID: 121860
    • MS11-021 for CVE-2011-0101
    • MS10-087 for CVE-2010-3333
    • MS09-067 for CVE-2009-3129
    • MS08-042 for CVE-2008-2244
  • Microsoft Office: MS12-060 for CVE-2012-0158, Qualys ID: 90828
  • Silverlight: MS13-022 for CVE-2013-0074, Qualys ID: 90870
  • Adobe Cold Fusion: APSB13-27 for CVE-2013-5326, Qualys ID: 121581
    • APSB13-13 for CVE-2013-3336
  • OpenSSL Heartbleed CVE-2014-0160, Qualys ID:42430

In essence a searchlist with QIDs 42430, 90870, 90828, 90979, 100191,121276, 121279, 121581, 121860, and 122742 should do the job of searching for TA15-119A vulnerabilities in your network.

Leave a Reply