Microsoft rolled out the February 2021 Patch Tuesday update on the 9th of February 2021. With this batch of updates, the focus is on improving the general functionality of the OS and fixing the current bugs. The February updates are all about enhancing the security of most apps and Windows components.

Besides death and taxes, there seems to be one more thing we can rely on as certain—software vulnerabilities.

Ask any IT or Infosec professional if they think patch management is important, and you’ll get an annoyed “of course.” But while the majority of organizations understand the importance of patching, implementation of patch management can be lackluster. With so many operating systems, expanding infrastructure, hybrid cloud environments, hundreds of applications, and thousands of assets, it can be difficult to maintain an effective strategy for what should be routine security hygiene. Every organization wants to minimize their risk profile, and an effective, efficient, and—above all—routine set of best practices is the first step.

Well, we made it through the first month of 2021! (Hopefully without any scratches or bruises 😅). As stewards of the lush and vast landscape of security vulnerabilities, we felt obliged to share with you the top trending CVEs of the past month. So, without further ado, The Top Trending CVEs of January 2021:

An Overview of CVSS Score

The Common Vulnerability Scoring System (CVSS) is the industry standard for scoring the severity of a vulnerability. In this article, we will take a closer look at this score. 

Common Vulnerability Scoring System (SVSS) version 3.0 framework was the last one that was published by the organization responsible for creating it. It was created by the Forum of Incident Response and Security Teams (FIRST). 

Understanding Vulnerability Scoring

Threat actors make use of vulnerabilities for their attacks. By exploiting vulnerabilities, attackers can gain access to devices, networks and systems. Vulnerabilities enable attackers to steal corporate information and sell sensitive information. They can also eavesdrop to confidential communication.   

Common Vulnerability Scoring System (CVSS) allows companies to make use of a common language when dealing with vulnerability threats. Since it was created in 2003, CVSS has been widely implemented by many companies.