Resources

Blog

VERT Threat Alert: September 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 09/10/2024

Today’s VERT Alert addresses Microsoft’s September 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1123 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-38217Windows uses the Mark of the Web (MoTW) to identify files downloaded from the Internet. This is done by setting the NTFS Zone.Identifier alternate Data...

Blog

VERT Threat Alert: August 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 08/13/2024

Today’s VERT Alert addresses Microsoft’s August 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1119 as soon as coverage is completed.In-The-Wild & Disclosed CVEsCVE-2024-38178CVE-2024-38178 describes a vulnerability in the Microsoft Edge scripting engine when run in Internet Explorer Mode. On top of requiring Edge be running in...

Blog

VERT Threat Alert: July 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 07/09/2024

Today’s VERT Alert addresses Microsoft’s July 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1114 as soon as coverage is completed. In-The-Wild & Disclosed CVEsCVE-2024-38112A vulnerability in the Windows MSHTML Platform could allow spoofing to occur. Successful exploitation of this vulnerability requires that the attacker convince...

Blog

VERT Threat Alert: June 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 06/11/2024

Today’s VERT Alert addresses Microsoft’s June 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1110 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2023-50868 The only disclosed vulnerability we have this month, is CVE-2023-50868, a DNSSEC protocol level vulnerability that can lead to denial of service. The...

Blog

VERT Threat Alert: May 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 05/14/2024

Today’s VERT Alert addresses Microsoft’s May 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1106 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-30040 Up first this month, we have a security feature bypass in MSHTML. More specifically, we have an Object...

Guide

Vulnerability Management Article Anthology

Guide

Adjusting to the Reality of Risk Management Framework

The Risk Management Framework (RMF) is an approach to systems security management that adjusts security controls based on risk factors. The practice involves a continuous cycle of identifying new threats, choosing effective controls, measuring their effectiveness and improving system security. Federal entities need to understand and utilize RMF as...

VERT Threat Alert: September 2024 Patch Tuesday Analysis

VERT Threat Alert: August 2024 Patch Tuesday Analysis

VERT Threat Alert: July 2024 Patch Tuesday Analysis

VERT Threat Alert: June 2024 Patch Tuesday Analysis

VERT Threat Alert: May 2024 Patch Tuesday Analysis

Vulnerability Management Article Anthology

Adjusting to the Reality of Risk Management Framework

Contact Information

Privacy Policy

Cookie Policy

Impressum