The recent news about the LastPass hack is a stark reminder of the importance of patch management. LastPass, a popular password management tool used by millions of people around the world, recently suffered a hack that exposed the email addresses and encrypted master passwords of its users. The hack occurred because one of LastPass' engineers failed to update Plex on their personal computer, leaving in place a known vulnerability that had been identified in the software several months prior.

According to reports, the LastPass hack was made possible by exploiting a nearly three-year-old (!), now-patched flaw in Plex, which allowed the attacker to execute arbitrary Python code on the engineer's computer. The specific vulnerability in question is CVE-2020-5741, which is a deserialization flaw impacting Plex Media Server on Windows. This flaw, which has a CVSS score of 7.2, could be exploited by a remote, authenticated attacker to execute arbitrary code in the context of the current operating system user.

This incident underscores the critical importance of reducing the Mean Time to Remediate (MTTR) when it comes to patching vulnerabilities. MTTR is the average amount of time it takes for an organization to fix a vulnerability once it has been identified. By reducing MTTR and implementing effective patch management practices, organizations can minimize the window of opportunity for attackers to exploit known vulnerabilities, thus reducing the risk of data breaches and other cyber attacks.

In the case of the LastPass hack, the vulnerability had been identified and patched three years prior, but the engineer failed to update their personal computer with the patch, which left the organization vulnerable to attack. This incident highlights the critical importance of patch management. When vulnerabilities are identified in software, it is essential that organizations act quickly to patch those vulnerabilities. Failure to do so can leave them vulnerable to attack, as was the case with LastPass.

Here are some key reasons why patch management is so important:

It prevents known vulnerabilities from being exploited. When software vulnerabilities are identified, attackers often move quickly to exploit those vulnerabilities before they can be patched.
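As an added illustration (not part of the original post), the sketch below computes MTTR as defined in the post over constructed finding records and also reports findings that are still open, because an average taken over remediated findings alone never counts a machine that stays unpatched. All asset names, dates and function names are hypothetical.

```python
from datetime import date
from statistics import mean

# Constructed sample records (not real data). "identified" is the day the
# vulnerability became known; "remediated" is None while still unpatched.
FINDINGS = [
    {"asset": "srv-web-01",
     "identified": date(2023, 1, 10), "remediated": date(2023, 1, 17)},
    {"asset": "srv-db-02",
     "identified": date(2023, 1, 10), "remediated": date(2023, 1, 24)},
    {"asset": "laptop-114",
     "identified": date(2023, 2, 1), "remediated": date(2023, 2, 10)},
    # Hypothetical personal machine that never received the patch.
    {"asset": "home-pc-eng",
     "identified": date(2020, 6, 1), "remediated": None},
]
AS_OF = date(2023, 3, 1)  # constructed reporting date


def mttr_days(findings):
    """Mean days from identification to fix, over remediated findings only."""
    closed = [(f["remediated"] - f["identified"]).days
              for f in findings if f["remediated"] is not None]
    return mean(closed) if closed else None


def open_exposure(findings, as_of):
    """(asset, days open) for every unremediated finding, oldest first."""
    ages = [(f["asset"], (as_of - f["identified"]).days)
            for f in findings if f["remediated"] is None]
    return sorted(ages, key=lambda pair: pair[1], reverse=True)


def mean_exposure_days(findings, as_of):
    """Mean exposure window, counting open findings as exposed until as_of."""
    return mean(((f["remediated"] or as_of) - f["identified"]).days
                for f in findings)


if __name__ == "__main__":
    print("MTTR (closed only):", mttr_days(FINDINGS))
    print("Still open:", open_exposure(FINDINGS, AS_OF))
    print("Mean exposure incl. open:", mean_exposure_days(FINDINGS, AS_OF))
```

On this sample the closed-only MTTR looks healthy while the single open finding dominates the real exposure window, which is why the open list should be reviewed alongside the average.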