Today we are excited to announce several new features, workflows, and new technology support in Qualys Vulnerability Management and Policy Compliance.
These new features will be deployed as a part of QWEB 10.0 and Portal 3.0 release versions.
This month’s Microsoft Patch Tuesday addresses 115 vulnerabilities with 26 of them labeled as Critical. Of the 26 Critical vulns, 17 are for browser and scripting engines, 4 are for Media Foundation, 2 are for GDI+ and the remaining 3 are for LNK files, Microsoft Word and Dynamics Business. Microsoft also issued a patch for an RCE in Microsoft Word. Adobe has not posted any patches for Patch Tuesday.
On the basis of volume and severity this Patch Tuesday is heavy in weight.
See details of the new detections, including description, consequence and solution.
A severe vulnerability exists in Apache Tomcat’s Apache JServ Protocol. The Chinese cyber security company Chaitin Tech discovered the vulnerability, which is named “Ghostcat” and is tracked using CVE-2020-1938. The security issue has received a critical severity rating score of 9.8 based on CVSS v3 Scoring system.
Vulnerability Details:
Due to a file inclusion defect in the AJP service (port 8009) that is enabled by default in Tomcat, an attacker can construct a malicious request package for file inclusion operation, and then read the web directory file on the affected Tomcat server. If the system allows users to upload files, an attacker can upload malicious code to the server, and gain the ability to perform remote code execution.
This month’s Microsoft Patch Tuesday addresses 99 vulnerabilities with 12 of them labeled as Critical. Of the 12 Critical vulns, 7 are for browser and scripting engines, 2 are for Remote Desktop Client, and the remaining 3 are for LNK files, Media Foundation, and Windows. The IE 0-day disclosed in January is patched as part of the scripting engine fixes. Microsoft also issued a patch for an RCE in Exchange.
Adobe issued patches today for Experience Manager, Digital Editions, Flash Player, Acrobat/Reader, and Framemaker.
This month’s Microsoft Patch Tuesday addresses 50 vulnerabilities with only 8 of them labeled as Critical. Of the 8 Critical vulns, one is for browser and scripting engines, 3 are for .NET Framework and one for ASP.NET. In addition, Microsoft has patched 3 critical RCEs in Remote Desktop Gateway and Remote Desktop Client. Adobe issued patches today for Illustrator CC and Experience Manager.
This month’s Patch Tuesday is rather light and addresses 36 vulnerabilities, with only 7 labeled as Critical. Five of the seven Critical vulns are in Git for Visual Studio. The others are for Hyper-V and Win32k. Also, there is one actively attacked “Important” vuln in Win32k. Adobe released patches today covering Acrobat/Reader, ColdFusion, Photoshop, and Brackets.
This month’s Microsoft Patch Tuesday addresses 74 vulnerabilities with 13 of them labeled as Critical. Of the 13 Critical vulns, 5 are for browsers and scripting engines. Out of the 8 remaining Critical vulns, 4 are potential hypervisor escapes in Hyper-V, as well as vulnerabilities in Microsoft Exchange, Win32k, Windows Media Foundations, and OpenType. Adobe’s Patch Tuesday was on time this month, and covers 11 vulns spread across Animate, Illustrator, Media Encoder, and Bridge.
UPDATE
There are reports that the CVE-2019-1402 patches are causing issues with all supported versions of Microsoft Access. Microsoft has posted a document on the issue with upcoming fix dates and workarounds.
Update Nov 19, 2019: This blog post was updated with additional detail about the new features in 8.21.6.
The 8.21.6 release adds several new features in Qualys Cloud Platform, Policy Compliance, and Vulnerability Management. Apart from various other new features, this release adds support for Apple Safari 11.x/12.x in compliance scans for Unix hosts, and extends UDC support for multiple new technologies for Qualys PC; whereas, new features for VM includes added support for HashiCorp vaults in DB Auth Records and Sybase authentication for vulnerability scanning.
This new release of the Qualys Cloud Platform (VM, PC), version 8.21.2, includes Virtual Scanner Appliance support for Alibaba Cloud Compute, scheduling of EC2 scans with no scannable EC2 assets in Asset Tags in Qualys Vulnerability Management, expanded support for instance discovery and auto record creation in Qualys Policy Compliance, compliance support for Oracle 19c, and more.
The upcoming release of the Qualys Cloud Platform (VM, PC), version 8.21.2, includes several new features in Qualys Cloud Platform and support for multiple technologies in Qualys Policy Compliance. The 8.21.2 release is scheduled to go live on 16th Sept, 2019.
See full 8.21.2 new features blog post for additional details on this release.