Five OS Vulnerabilities

You’ve probably heard about new patches and new vulnerabilities found in Windows. You know it’s important but not necessarily why.
All applications run through the OS and can potentially see everything the OS has access to. So, attackers are ready to use OS vulnerabilities against you.
In this article, I’ll explain a few OS vulnerabilities and how to keep your devices secure with Workspace One Intelligence.

Vulnerabilities

A vulnerability is a security term to describe a potential weak point in a security system. All systems have vulnerabilities whether it is hardware, OS or other software. Some vulnerabilities are public. Some are still unknown and when attackers find them we talk about zero-day exploits.
Public vulnerabilities are called Common Vulnerabilities and Exposures (CVE) and a list can be found online. Editors regularly provide patches to correct new CVE. Not everyone and not every company patches their environment leaving opportunities to attackers.

Five OS Vulnerabilities

- Remote Code Execution: Attackers can remotely execute or modify code on the device. It can lead to other attacks like privilege escalation because they can run any code they want.

- Privilege Escalation: Attackers can obtain more privileges than what they should have. The goal is to get administrator rights and be able to perform certain actions. Here is an article to better understand the role of privilege escalation in a cyberattack.

- Denial of Service: A DoS attack floods a system and a network with traffic. It exhausts the system resources and bandwidth so it’s unable to process real users’ requests. When multiple systems are used for the attack, we talk about Distributed Denial of Service. DoS attacks are sometimes a diversion for other attacks. While you focus on the DoS attack, another attack can penetrate your system.

- Memory Corruption: The memory of the computer is compromised. Attackers can access it to collect sensitive data.

- Overflow: The OS cannot control the amount of code generated. It results in crash, data loss or an unexpected behaviour.

Workspace One Intelligence

Workspace One is VMware solution for modern devices management. Workspace One Intelligence module provides insights, analytics and automation for a better device management. It brings visibility into all vulnerabilities with a Security Risk Analysis by correlating Microsoft KB, CVE and CVSS (Common Vulnerability Scoring System).

It provides you with the list of vulnerabilities, the devices involved and the corresponding CVSS.

Security Risk Dashboard

Vulnerability List with CVSS score and number of devices

Diagram with vulnerabilities CVSS score and number of devices

You can also automate the patching of devices.

In conclusion

OS Vulnerabilities are an open door for attackers. It can lead to other attacks, computers compromised and information disclosure. It is important to patch your environment to limit the risk. We don’t know all the vulnerabilities but let’s start by protecting our system against public ones.