A Familiar Storm Approaches: April 14th’s Vulnerability Fujiwhara Event
April 8, 2020 • RBS
Back in January, we first warned organizations about the Vulnerability Fujiwhara Effect that will hit three times this year. These major security events, in which Microsoft, Oracle and other multiple large vendors disclose vulnerabilities in popular products on the same day, pose a particular challenge for Vulnerability Management teams who are left analyzing and prioritizing hundreds of disclosures before remediation can even begin. We have already seen the impacts of the first storm that occurred on January 14th.
The next Fujiwhara will hit organizations on April 14th, 2020.
What We Observed From The First Storm
Microsoft’s monthly Patch Tuesday has proven to be a very busy day for IT teams, as many vendors have adopted the same routine. The first such event of the year, on January 14th, saw the following vendors participate in Patch Tuesday:
- Schneider Electric
Starting at 2:00 AM EST, our VulnDB team began the long day which consisted of analyzing and publishing new vulnerability reports to our customers, and updating an additional 300+ entries. Among the disclosed vulnerabilities were a number of high-profile ones such as the Microsoft pre-auth RCE vulnerability and the 0-day vulnerability in the IE scripting engine, however there were many others that deserved the same scrutiny.
Here is a visual breakdown based on CVSS severity of all the vulnerabilities pushed out during the first storm:
A High of 500+, With Lows Around 300
Even with companies such as Google announcing that they would pause upcoming Chrome and Chrome OS release, they stated that they would continue to prioritize any updates related to security. This is for good reason as the discovery and disclosure of vulnerabilities doesn’t pause for the Coronavirus pandemic, of course. The upcoming storm next week will be hitting organizations hard on April 14th despite the ongoing business disruption faced by organizations and their security teams.
In our recent Vulnerability Management In the Time of a Pandemic we touched on the topic, noting that for each of the remaining two Vulnerability Fujiwhara events of the year, organizations could expect to see, on the high end, 500 or more vulnerabilities disclosed. That is a significant increase when compared to the average number of newly published vulnerabilities in a day, which typically is around 60. Even for large organizations, processing these new “Patch Tuesday” disclosures can take weeks, and that’s with a well-funded and coordinated team. The hours required for IT security teams to collect, analyze, triage, and then address the coming vulnerabilities will be considerable.
2020: A Complicated Situation
If there wasn’t enough going on already, organizations must somehow manage the coming Vulnerability Fujiwhara Effect despite the current business disruption and pressure on security budgets. If Risk Management teams do not have the resources they need to manage the staggering volume of vulnerabilities that are coming, analysis and remediation will inevitably be slower, putting organizations at risk.
Organizations may also face increased exposure to data breaches at this time as research has shown that cybercrime increases during a recession. So far, we have seen over 700 organizations face lawsuits after suffering a data breach, and we believe that the number is drastically under-reported. While some security regulations have been relaxed due to the ongoing pandemic, organizations need to ensure that their security teams can perform necessary patching and remediation to keep systems secure to avoid any potential legal fallout.
Equip Your Teams With The Intelligence That They Need
At times like these, Better Data Matters® and is even more important. Organizations will greatly benefit from a comprehensive source of vulnerability intelligence, so that their security teams can spend less time on vulnerability assessment, and more time on vulnerability management.
If you do not have the proper intelligence and processes in place, don’t hesitate to reach out. Ensure that you are properly equipped to not only deal with the upcoming storm on April and July 14th, but also the daily vulnerability reports that may impact your organization. If we can help you with that, get in touch.
For a focused look into the state of vulnerability intelligence, as well as further information on how to prepare for this upcoming Patch Tuesday including insights on 2020, please view our webinar which is available on demand.