Blog

Fortra Patch Priority Index
Blog

Fortra Patch Priority Index for May 2025

By Lane Thames on Wed, 06/04/2025
Fortra's May 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.Up first on the list are patches for Microsoft Edge (Chromium-based) and Google Chromium that resolve 6 issues including spoofing, out of bounds memory access, insufficient data validation, inappropriate implementation, use after free, and heap buffer overflow vulnerabilities.Next on the...
Vulnerability Management
Blog

What to Look for in a Vulnerability Management Solution

By Cybersecurity Experts at Fortra on Tue, 05/20/2025
Click the infographic to view and download in full size One of the most fundamental — and often overlooked — processes of a strong security posture is vulnerability management (VM). VM is much more than just running a vulnerability scan; it’s at the core of all the layers that make up solid cybersecurity. Whether your organization has a simple...
Vulnerability Management
Prescription For Disaster: Sensitive Patient Data Leaked in Ascension Hack
Blog

Prescription For Disaster: Sensitive Patient Data Leaked in Ascension Breach

By Graham Cluley on Fri, 05/16/2025
Ascension, one of the largest private healthcare companies in the United States, has confirmed that the personal data of some 437,329 patients has been exposed following an attack by cybercriminals. To the undoubted distress of Ascension's client base, the details of hundreds of thousands have fallen into the hands of hackers, opening up opportunities for fraud and identity theft. Breached...
Compliance
Data Loss Prevention
Vulnerability Management
Blog

Patch Tuesday Update - January 2025

By Mieng Lim on Tue, 01/14/2025
FVM will include the Microsoft Patch Tuesday checks in the NIRV 4.57.0 and FVM Agent 2.18.• Microsoft addressed 158 vulnerabilities this release, including 10 rated as Critical.Microsoft has publicly disclosed the below vulnerabilities:CVE-2025-21366 - Microsoft Access Remote Code Execution VulnerabiliyCVE-2025-21395 - Microsoft Access Remote Code Execution VulnerabilityCVE-2025-21186 -...
Vulnerability Management
Vulnerability Research

Patch Tuesday Update - November 2024

By Mieng Lim on Tue, 11/12/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.54.0 and FVM Agent 2.15 releases.Microsoft addressed 89 vulnerabilities in this release, including 4 rated as Critical and 51 Remote Code Execution vulnerabilities.This release also includes fixes for two vulnerabilities that have been publicly disclosed and exploited in the wild.CVE-2024-43451 NTLM Hash Disclosure Spoofing...
Vulnerability Management
Blog

Patch Tuesday Update - October 2024

Tue, 10/08/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.52.0 and FVM Agent 2.13 releases. Microsoft addressed 117 vulnerabilities in this release, including 3 rated as Critical and 43 Remote Code Execution vulnerabilities. This release also includes fixes for two vulnerabilities that have been exploited in the wild. CVE-2024-43572 Microsoft Management Console Remote Code...
Vulnerability Management
Blog

Fortra VM 7.0.3 Release

Thu, 09/19/2024
The Fortra VM 7.0.3 release is now live.  In this release there is a new Standard Scan feature. New Standard ScanFortra VM Release 7.0.3 introduces a new Standard Scan option. This Standard Scan feature provides an initial preset option that pre-selects the most widely used VM scan settings. Standard mode allows users to get a scan up and running in just a few clicks, without having to go...
Vulnerability Management
Vulnerability Research

Patch Tuesday Update - September 2024

By Mieng Lim on Tue, 09/10/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.50.0 and FVM Agent 2.11 releases.Microsoft addressed 79 vulnerabilities in this release, including 7 rated as Critical and 23 Remote Code Execution vulnerabilities.This release also includes fixes for four vulnerabilities that have been exploited in the wild.CVE-2024-38217 and CVE-2024-38226 are Security Feature Bypass...
Vulnerability Management
Vulnerability Research

Patch Tuesday Update - August 2024

By Mieng Lim on Tue, 08/13/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.48.0 and FVM Agent 2.10 releases.Microsoft addressed 86 vulnerabilities in this release, including 7 rated as Critical and 28 Remote Code Execution vulnerabilities.This release also includes fixes for six vulnerabilities that have been exploited in the wild.Microsoft Project Remote Code Execution Vulnerability (CVE-2024-38189...
Vulnerability Management
Blog

Managing the Rising Tide of CVEs 

By Mieng Lim on Fri, 07/26/2024
If you are watching recent security stats, you’ll likely spot an alarming trend. Common Vulnerabilities and Exposures (CVEs) are on the rise and expected to increase by 25% in 2024, reaching 2,900 CVEs per month¹. It’s not a huge surprise that the number of known vulnerabilities is growing, given the proliferation of systems and software. Unfortunately, average time to remediation is increasing...
Vulnerability Management
Vulnerability Research

Patch Tuesday Update - July 2024

By Mieng Lim on Tue, 07/09/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.46.0 and FVM Agent 2.9 releases.Microsoft addressed 142 vulnerabilities in this release, including 5 rated as critical, and 59 remote code execution vulnerabilities.This release represents a huge increase in the number of CVEs, as opposed to last month’s count.Notable Vulnerabilities from this patch Tuesday release:CVE-2024...
Vulnerability Management
Vulnerability Research

Patch Tuesday Update - June 2024

By Mieng Lim on Tue, 06/11/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.44.0 and FVM Agent 2.8 releases.Microsoft addressed 51 vulnerabilities in this release, including 1 rated as Critical and 18 Remote Code Execution vulnerabilities.CVE/AdvisoryTitleTagMicrosoft Severity RatingBase ScoreMicrosoft ImpactExploitedPublicly DisclosedCVE-2024-30069Windows Remote Access Connection Manager Information...
Vulnerability Management
Blog

Patch Tuesday Update - May 2024

Tue, 05/14/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.42.0 and FVM Agent 2.7 releases.Microsoft addressed 61 vulnerabilities in this release, including 1 rated as Critical and 27 Remote Code Execution vulnerabilities.This release also includes fixes for CVE-2024-30040 and CVE-2024-30051 which are known to have been exploited in the wild.Windows MSHTML Platform Security Feature...
Vulnerability Management
Vulnerability Research

Patch Tuesday Update - April 2024

Tue, 04/09/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.40.0 and FVM Agent 2.6 releases.Microsoft addressed 150 vulnerabilities in this release, including 3 rated as Critical and 67 Remote Code Execution vulnerabilities.This release also includes a fix for the Proxy Driver Spoofing Vulnerability (CVE-2024-26234) that has been exploited in the wild.CVE/AdvisoryTitleTagMicrosoft...
Vulnerability Management
Blog

Patch Tuesday Update - March 2024

Tue, 03/12/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.38.0 and FVM Agent 2.5 releases.Microsoft addressed 60 vulnerabilities in this release, including 2 rated as Critical and 18 Remote Code Execution vulnerabilities.CVE/AdvisoryTitleTagMicrosoft Severity RatingBase ScoreMicrosoft ImpactExploitedPublicly DisclosedCVE-2024-20671Microsoft Defender Security Feature Bypass...
Vulnerability Management
Vulnerability Research

Patch Tuesday Update - February 2024

Tue, 02/13/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.36.0 and Fortra VM Agent 2.4 releases.Microsoft addressed 73 vulnerabilities in this release, including 5 rated as Critical and 30 Remote Code Execution vulnerabilities.This release also includes fixes for CVE-2024-21351 and CVE-2024-21412 that have been exploited in the wild.Internet Shortcut Files Security Feature Bypass...
Vulnerability Management
Blog

Cybersecurity and the Law: Taking Proactive Steps Before Needing Legal Action

Mon, 02/12/2024
How the justice system deals with cybercrime is still relatively new and finding its footing. How cybercriminals are leveraging the legal system is relatively new, too. Imagine a world where your organization gets hacked, and then, to add insult to injury, gets reported by the hackers for being out of compliance. Well, you don’t have to imagine too hard because those days are upon us. While the...
Vulnerability Management
Vulnerability Research

Patch Tuesday Update - January 2024

Tue, 01/09/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.34.0 and Agent 2.3 releases.Microsoft addressed 49 vulnerabilities in this release, including 2 rated as Critical and 12 Remote Code Execution vulnerabilities.CVE/AdvisoryTitleTagMicrosoft Severity RatingBase ScoreMicrosoft ImpactExploitedPublicly DisclosedCVE-2024-20666BitLocker Security Feature Bypass VulnerabilityWindows...
Vulnerability Management
Blog

ENISA’s New Report Highlights Cyber Investments and Pushes Vulnerability Management

By Mieng Lim on Mon, 01/08/2024
This past November, the European Union Agency for Cybersecurity (ENISA) released its NIS Investments Report 2023, a rundown of how critical EU operators have been investing in cybersecurity pursuant to the NIS Directive. It not only covers how dollars have been spent, but suggest how they ought to be going forward. One particular point of emphasis? Vulnerability management. Vulnerability...
Vulnerability Management