Vulnerability Report: October 2024
Rivanorth
Welcome to the monthly Vulnerability Report. In this report, we provide an overview of the most significant security vulnerabilities identified in the past month. Our focus is on vulnerabilities that are being actively exploited, which pose the biggest risk to you. Stay informed about the latest threats and take proactive steps to secure your systems against the latest attacks.
First things first, what is a CVE?
A CVE, or Common Vulnerabilities and Exposures, is a standardised identifier for known cybersecurity vulnerabilities. The purpose of CVEs is to provide a standardised method for identifying and cataloging security vulnerabilities, which helps organisations prioritise their vulnerability management efforts.
Why are CVEs important?
CVEs are publicly known vulnerabilities, some of them, like the ones listed below are currently being exploited, making sure you have the correct patches installed ensures your systems are safe from these attacks.
Actively Exploited
The following vulnerabilities are being actively exploited.
CVE-2024-8963 - Ivanti CSA - Affected version: Before 4.6 Patch 519 - Severity rating: 9.4 (Critical)
CVE-2024-43461 - Windows MSHTML Platform - Severity rating: 8.8 (High)
CVE-2024-4761 - Google Chrome V8 - Affected version: 124.0.6367.207 - Severity rating: 8.8 (High)
CVE-2024-8190 - Ivanti Cloud Services Appliance - Affected version: 4.6 Patch 518 and before - Severity rating: 7.2 (High)
CVE-2024-38226 - Microsoft Publisher - Severity rating: 7.3 (High)
CVE-2024-38014 - Windows Installer - Severity rating: 7.8 (High)
CVE-2024-38217 - Windows - Severity rating: 5.4 (Medium)
What To Do
If you are currently running software listed above, make sure you install the latest version to stay secure.
As a leading cybersecurity company, we are on the forefront of security research, constantly monitoring for emerging threats. With best in class security expertise, we are able to help you secure your assets to the highest levels.
Visit rivanorth.com to find out more.
You build the future. We help you secure it.
Subscribe to my newsletter
Read articles from Rivanorth directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
Rivanorth
Rivanorth
State of the art Cybersecurity services, always a step ahead. You build the future. We help you secure it.