US-CERT: Top 30 Targeted High Risk Vulnerabilities: Alert (TA15-119A)

11 May 2015 11:21 AM | Brian Kelley (Administrator)

US-CERT Alert published May 7, 2015

Systems Affected

Systems running unpatched software from Adobe, Microsoft, Oracle, or OpenSSL. 

Overview

Cyber threat actors continue to exploit unpatched software to conduct attacks against critical infrastructure organizations. As many as 85 percent of targeted attacks are preventable [1] (link is external).

This Alert provides information on the 30 most commonly exploited vulnerabilities used in these attacks, along with prevention and mitigation recommendations.

It is based on analysis completed by the Canadian Cyber Incident Response Centre (CCIRC) and was developed in collaboration with our partners from Canada, New Zealand, the United Kingdom, and the Australian Cyber Security Centre.

Description

Unpatched vulnerabilities allow malicious actors entry points into a network. A set of vulnerabilities are consistently targeted in observed attacks.

Impact

A successful network intrusion can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include:

  • Temporary or permanent loss of sensitive or proprietary information,
  • Disruption to regular operations,
  • Financial losses relating to restoring systems and files, and
  • Potential harm to an organization’s reputation.

Solution

Maintain up-to-date software

The attack vectors frequently used by malicious actors such as email attachments, compromised “watering hole” websites, and other tools often rely on taking advantage of unpatched vulnerabilities found in widely used software applications. Patching is the process of repairing vulnerabilities found in these software components.

It is necessary for all organizations to establish a strong ongoing patch management process to ensure the proper preventive measures are taken against potential threats. The longer a system remains unpatched, the longer it is vulnerable to being compromised. Once a patch has been publicly released, the underlying vulnerability can be reverse engineered by malicious actors in order to create an exploit. This process has been documented to take anywhere from 24-hours to four days. Timely patching is one of the lowest cost yet most effective steps an organization can take to minimize its exposure to the threats facing its network.

Patch commonly exploited vulnerabilities

Executives should ensure their organization’s information security professionals have patched the following software vulnerabilities. Please see patching information for version specifics.

Visit here to see the details on and patches for the 30 targeted software threats.


Massachusetts Health Data Consortium
460 Totten Pond Road | Suite 690
Waltham, Massachusetts 02451
781.419.7800
www.mahealthdata.org

For more information,
please contact Arleen Coletti
by email or at 781.419.7818

STAY CONNECTED
join our mailing list

© Massachusetts Health Data Consortium