September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday

Hello everyone! On the last day of September, I decided to record another retrospective episode on how my Vulnerability Management month went. Education 00:09 BMSTU online cyber security course 00:33 Positive Technologies online Vulnerability Management course 00:52 Bahasa Indonesia Russian Podcasts 01:20 Прожектор по ИБ (“Information Security Spotlight“) podcast 01:47 КиберДуршлаг (“Cyber Colander“) by Positive Technologies Main Job 01:57 Goodbye Tinkoff Patch Tuesday 02:54 September Microsoft Patch Tuesday 03:11 Remote Code Execution – Microsoft Edge/libwebp (CVE-2023-4863), Memory Corruption – Microsoft Edge (CVE-2023-4352) 04:11 Remote Code Execution – Windows Themes (CVE-2023-38146) “ThemeBleed“ 04:48 Information Disclosure (NTLM relay attack) – Microsoft Word (CVE-2023-36761) 05:19 Elevation of Privilege – Microsoft Streaming Service Proxy (CVE-2023-36802) 05:36 Remote Code Executions - Microsoft Exchange (CVE-2023-36744, CVE-2023-36745, CVE-2023-36756) Other Vulnerabilities 06:54 Bitrix CMS RCE (BDU:2023-05857) 07:32 RHEL/CentOS 7 can’t be detected, can’t be fixed vulnerability (CVE-2022-1012) 08:09 Qualys TOP 20 vulnerabilities Vulnerability Management Market 09:06 Forrester and GigaOm VM Market reports 09:49 R-Vision VM Blogpost: Subscribe to the avleonovcom Telegram channel “Vulnerability Management and more“! All links are there! #vulnerabilitymanagement #microsoft #patchtuesday
Back to Top