Three-Year-Old Unpatched Vulnerability: U.S. Government Breach

March 16, 2023

By Mike Walters

On March 15, three U.S. government agencies (CISA, FBI, and MS-ISAC) issued a joint statement reporting that cyber threat actors had exploited a .NET deserialization vulnerability (CVE-2019-18935) in Progress Telerik UI running on the affected agency’s Microsoft IIS web server, leading to remote code execution.

The vulnerability was published on 12/11/2019 and a patch was released shortly after. However, somebody did not apply the patch to this sensitive government server.

Still, we hear that many IT people fear their “downtime-intolerant” management, which leads them to postpone (or completely stop) updates to their critical systems. Yes, it is true that, on rare occasions, patches do break systems, so testing new patches is essential. Some organizations test for 2-3 weeks, some longer. But delaying for three years?

4 Reasons Not to Delay Patching

Overall, delaying patching can have serious consequences for the security, performance, and compliance of systems and organizations. It is important to prioritize patching and stay up-to-date with the latest updates and fixes to ensure the safety and reliability of your systems. Otherwise, you may run into one or more of these issues:

  • Security vulnerabilities: Delaying patching can leave systems exposed to security vulnerabilities, which can be exploited by cybercriminals to compromise the security of the system and steal sensitive information.
  • Malware and cyberattacks: Vulnerable systems are a prime target for malware and cyberattacks, such as ransomware and viruses, which can cause significant damage to the system and compromise the data stored on it.
  • Compliance: Many industries and organizations are required by law or regulation to maintain a certain level of security and compliance. Delaying patching can result in non-compliance, which can lead to legal and financial penalties.
  • System performance: Unpatched systems can experience degraded performance and stability due to bugs and issues that have not been addressed. This can lead to downtime and lost productivity.

3 Mitigation Actions Recommended by CISA

Unsurprisingly, CISA recommended three mitigation actions that now seem very obvious:

  • Implement a patch management solution to ensure compliance with the latest security patches.
  • Validate output from patch management and vulnerability scanning against running services to check for discrepancies and account for all services.
  • Limit service accounts to the minimum permissions necessary to run services.
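The second recommendation, reconciling patch-tool output against what is actually running, can be sketched as follows. This is an added example, not code from CISA or Action1; the field names, hosts, products other than Telerik UI and IIS, and all version numbers are constructed sample data.

```python
"""Reconcile a patch-management export against services observed running."""
from collections import defaultdict

# Constructed sample: what the patch tool believes is installed.
PATCH_TOOL_EXPORT = [
    {"host": "web01", "product": "Microsoft IIS", "version": "10.0"},
    {"host": "web01", "product": "Telerik UI", "version": "2.0"},
    {"host": "web02", "product": "Microsoft IIS", "version": "10.0"},
    {"host": "web02", "product": "Legacy Agent", "version": "3.1"},
]
# Constructed sample: what a service/process inventory actually observed.
RUNNING_SERVICES = [
    {"host": "WEB01", "product": "Microsoft IIS", "version": "10.0"},
    {"host": "web01", "product": "telerik  ui", "version": "1.0"},
    {"host": "web02", "product": "Microsoft IIS", "version": "10.0"},
    {"host": "web02", "product": "Telerik UI", "version": "1.0"},
    {"host": "web03", "product": "Microsoft IIS", "version": "10.0"},
]

def normalize(name):
    """Case- and whitespace-insensitive key so both sources compare equal."""
    return " ".join(name.lower().split())

def reconcile(patch_export, running):
    """Return sorted (host, product, finding) tuples for every discrepancy."""
    managed = defaultdict(dict)
    for row in patch_export:
        managed[normalize(row["host"])][normalize(row["product"])] = row["version"]
    findings, seen = [], set()
    for svc in running:
        host, product = normalize(svc["host"]), normalize(svc["product"])
        seen.add((host, product))
        if host not in managed:
            findings.append((host, product, "host-not-managed"))
        elif product not in managed[host]:
            findings.append((host, product, "service-not-in-inventory"))
        elif managed[host][product] != svc["version"]:
            # Tool reports one version but another is running (e.g. stale scan).
            findings.append((host, product, "version-mismatch"))
    # Inventory rows with nothing running are stale records worth cleaning up.
    for host, products in managed.items():
        for product in products:
            if (host, product) not in seen:
                findings.append((host, product, "inventoried-not-running"))
    return sorted(findings)

if __name__ == "__main__":
    for host, product, finding in reconcile(PATCH_TOOL_EXPORT, RUNNING_SERVICES):
        print(f"{host:6} {product:14} {finding}")
```

Every finding is a gap between what the patch tool reports and what is exposed; the "service-not-in-inventory" and "host-not-managed" rows are the ones a patch-compliance report alone would never show.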

About Action1

Here at Action1, we provide a risk-based patch management solution for distributed work-from-anywhere organizations. Action1 helps to discover, prioritize, and remediate vulnerabilities in a single cloud-native solution to prevent security breaches and ransomware attacks. It automates patching of third-party applications, patching of operating systems, drivers, and firmware, ensuring continuous patch compliance and remediation of security vulnerabilities before they are exploited.
