Top 10 IT Security Headlines of 2021: The Vulnerabilities We Spent Worrying About

Let's take a look back at our year of vulnerability exposures, reactionary patches and losing sleep over what security hole would emerge tomorrow.

10. April Microsoft Security Patches Released, Bringing More Critical Exchange Server Fixes (April 13)
Microsoft released security updates for 114 common vulnerabilities and exposures (CVEs) in its software products, while also publishing a supplementary note urging organizations to apply the new April Exchange Server "Critical" patches "as soon as possible." [Read here]

9. Microsoft Issues Security Advisory on 'SeriousSAM' Elevation of Privilege Flaw in Windows Client Systems (July 21)
Microsoft issued a security advisory about an elevation-of-privilege vulnerability (CVE-2021-36934) present in Windows 10 client operating systems. [Read here]

8. Another Windows Print Spooler Vulnerability Disclosed by Microsoft (Aug 13)
Microsoft published a "Security Update Guide" notice on another Windows print spooler vulnerability, namely CVE-2021-36958. [Read here]

7. Microsoft and Security Researchers Describe Tips and Tools for Detecting Exchange Server Hafnium Attacks (March 8)
Microsoft updated its recommendations to organizations running Exchange Server, targeted in Hafnium nation-state attacks, by describing some new resources. [Read here]

6. Microsoft's June Windows Print Spool Patch Doesn't Block Remote Code Execution Attacks (June 30)
An "Important"-rated Windows print spool vulnerability (CVE-2021-1675), addressed by Microsoft via its June 8 security patch bundle, has emerged more recently as being subject to active attacks. [Read here]

5. Microsoft Issues Hafnium Security Fixes that Don't Require Latest Exchange Server Cumulative Updates (March 9)
Microsoft's Exchange team announced additional help for organizations having trouble trying to patch Exchange Server products quickly in response to the Hafnium attacks. [Read here]

4. 'Millions' of Dell Windows PCs Contain 'Critical' Driver Vulnerability (May 5)
Dell issued a support article describing a "Critical" vulnerability in the Dell dbutil driver affecting most Windows-based Dell computer users. [Read here]

3. Microsoft Issues Out-of-Band 'PrintNightmare' Windows Print Spooler Patch (July 7)
Microsoft announced the release of an "out-of-band" fix for a Windows print spooler vulnerability dubbed "PrintNightmare." [Read here]

2. Microsoft Releases Out-of-Band Security Patches for Exchange Server (March 3)
Microsoft released out-of-band security patches for Exchange Server to address multiple zero-day flaws that are currently being exploited in active attacks. [Read here]

1. Microsoft Clarifies Its 'PrintNightmare' Patch Advice (July 9)
Microsoft issued "clarified guidance" for organizations addressing a zero-day Windows printer spooler vulnerability dubbed "PrintNightmare." [Read here]

