SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Wednesday, July 9th, 2025: Microsoft Patches; Opposum Attack;
Jul 9, 2025
A major patch day for Microsoft sees 139 vulnerabilities addressed, with 14 rated as critical. The discussion also highlights a new TLS vulnerability known as the 'opossum attack,' which lets attackers inject requests in specific configurations. Additionally, Ivanti has rolled out updates to tackle significant issues in their products, including a concerning password decryption flaw. Tune in for insights on these emerging threats and essential fixes in the cybersecurity landscape!
AI Snips
Chapters
Transcript
Episode notes
Microsoft July 2025 Patch Guidance
- Patch the 139 Microsoft vulnerabilities carefully, focusing on critical remote code execution and information disclosure issues.
- Test patches before deployment and prioritize timely application before next Patch Tuesday.
Opposum Attack Analysis
- The Opposum attack exploits a rare TLS server setup allowing HTTP and HTTPS on one port, enabling request injection.
- It causes clients to get incorrect pages without decrypting TLS traffic, with no fix if both HTTP and HTTPS must share a port.
Ivanti Security Patch Advice
- Update Ivanti Endpoint Manager to fix vulnerabilities that allow password decryption and SQL injection.
- Do not allow administrators to access decrypted user passwords; patch immediately.