wonderfully unique software solutions

Microsoft vulnerabilities lowest since June – but automation will be needed in 2023

Patch Tuesday saw fewer vulnerabilities announced by Microsoft for once, potentially offering some breathing space for teams to get ahead on cybersecurity for 2023.

Peter Pflaster, writing for devops automation tools specialist Automox, noted in a blog post that December’s Patch Tuesday announced the lowest number of Microsoft vulnerabilities since June — 56, including seven critical vulnerabilities and one actively exploited zero-day threat.

“Perhaps the most critical and wide-reaching vulnerability this month is a critical remote code execution flaw in PowerShell 7.2 and 7.3. Attackers are likely to target this weakness, though it does require additional preparation for the target environment prior to exploitation,” Pflaster said.

Also, a privilege escalation vulnerability in Windows Bluetooth Driver allows attackers to elevate to System privileges on most versions of Windows 7, 8.1, 10, 11, and Server 2008-2022. While this hasn’t yet been exploited in the wild, Microsoft has suggested this is likely, according to Automox.

“There’s also an actively exploited zero day in Windows SmartScreen that allows for security feature bypass. Even though the vulnerability is only moderately severe according to Microsoft, you’ll want to patch it since threat actors are already targeting the vulnerability with social engineering attacks,” Pflaster added.

Beyond current vulnerabilities, Automox is looking ahead to the IT environment for cybersecurity in 2023. The vendor’s Jon Levenson has announced that nine IT trends are expected by Automox’s expert team.

First up is an increasing push towards automation.

“Many have touted automation as the provider of vast time savings and efficiency gains for IT organisations that adopt it. In my opinion, they’re correct,” Levenson wrote.

Since Covid, more organisations have supported remote and hybrid working, which meant an accompanying cloud focus. However, this meant that adversaries will increasingly target cloud-based infrastructure.

“Coupled with the hasty nature of many cloud deployments and configurations, overly broad permissions and a lack of proper alerting and monitoring will prove to be advantageous vectors for adversaries to exploit,” according to Automox.

In addition, in a recession especially, staff resource constraints suggest that automation within technical roles will prove crucial to staying afloat and protecting infrastructure.

Read Automox’s full predictions list for 2023.

( Photo by Windows on Unsplash )

Recent Articles

Agreement management vendor DocuSign to add AI with Lexion buy

Cloud documentation management software company DocuSign has agreed to acquire Lexion, rolling the latter's AI capabilities into its DocuSign Intelligent Agreement Management...

LastPass urges SMBs to tackle human cyber vulnerabilities

SMBs are more proactive yet still aren't patching cybersecurity gaps caused by the "human factor" -- that is, based on human psychology...

Four core GFI business manager applications add AI co-pilot

GFI Software has integrated AI co-pilot capabilities into four of its key business-focused applications with a view to optimised network performance and...

Extended detection and response (XDR) has become vital, says Stormshield

Extended detection and response technologies (XDR) have become a vitally important shield for all companies, according to sovereignty focused data, network and...

Is OSCP or CEH the best security certification for staff? CBT Nuggets explains

Deciding between Offensive Security Certified Professional (OSCP) and Certified Ethical Hacker (CEH) cybersecurity skills certifications can be "make or break" for staff,...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox