
Four Critical Vulnerabilities in IBM AIX: Why You Should Patch Now
IBM has released a patch for four critical CVEs in IBM AIX and IBM VIOS (CVE-2025-36250, CVE-2025-36251, CVE-2025-36236, and CVE-2025-36096) that allow a remote attacker without privileges to execute arbitrary commands on an IBM Network Installation Manager (NIM) that’s exposed to the internet. This means that an attacker could 'hijack' unattended operating system installations and updates to deploy malicious payloads onto AIX hosts, move laterally, and persist in the broader environment. Find out more about each vulnerability, how to find out if you’re affected, and how to patch your systems.

Microsoft Patch Tuesday November 2025: Known Exploited Zero-Day
On Tuesday, Microsoft released updates addressing 63 vulnerabilities across Windows, Office, Edge, Azure Monitor Agent, Dynamics 365, Hyper-V, SQL Server, WSL GUI, and more. Of these, 4 are rated critical, and at least one of the critical vulnerabilities (CVE-2025-62215) is already being exploited in the wild and listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog. In this blog, we’ll list what’s addressed in the Microsoft patch, which vulnerabilities are most critical, and how to patch them.

Windows 10 EOL: Why 5% of Corporate Workloads Still Run It
Microsoft support for Windows 10 officially ended today. Although this has been in the works for a long time and officially announced at the end of 2024, there are still many businesses running Windows 10 on their endpoints. In fact, we found that 5.25% of all workloads scanned by Mondoo are still running Windows 10. Why is the percentage still so high? What reasons could companies have for not upgrading and what will this mean for their security?

Microsoft Patch Tuesday August 2025: How to Prioritize Vulnerabilities for Patching
Microsoft’s August 2025 Patch Tuesday has landed, and this month’s security updates pack a serious punch. With multiple critical vulnerabilities addressed, including flaws that could allow remote code execution, privilege escalation, and data exposure, this release is more than just routine maintenance. In this post, we’ll spotlight the most dangerous CVEs being addressed, explain what systems they impact, and how to determine which updates to prioritize.

Mondoo Offers Security and Compliance for IBM LinuxONE Workloads
We’re excited to announce that the Mondoo Platform now supports IBM LinuxONE, providing unified and automated security and compliance for mission-critical workloads and hybrid cloud environments. Mondoo’s unique ability to cover cloud and on-prem from a single user interface, as well as automate policy creation and remediation processes, allows IBM LinuxONE users to reduce manual work and accelerate remediation, significantly improving their security posture.

Overview of Changes and New Security Features in Windows Server 2025
The release of Windows Server 2025 marks a significant milestone in Microsoft's server operating system evolution. Launched on November 1, 2024, this Long-Term Servicing Channel (LTSC) release brings a comprehensive suite of security enhancements, improved hybrid cloud capabilities, and notable performance optimizations. Whether you're a seasoned IT administrator or planning your organization's infrastructure upgrade, the new features in this release deserve your attention.

Exploring the Latest Security Features in Ubuntu 24.04
In the mere two years since the previous LTS release of Ubuntu shipped, the technology landscape has changed in profound ways. Because we’ve seen an explosion of ransomware attacks and critical Linux CVEs, it’s more important than ever to secure Linux systems. Thankfully, the industry has responded with a focus on security in Linux core components. That emphasis makes Ubuntu 24.04 perhaps the most important Ubuntu release ever for those concerned with securing their systems. We’ve combed through various Linux project changelogs, Debian package maintainer mailing lists, and piles of pages on Canonical's Launchpad system to bring you a definitive list of everything new in security in Ubuntu 24.04. Think we missed something important? Let us know at hello@mondoo.com.

Microsoft 365 CIS Benchmark 3.0: What You Need to Know
The CIS Microsoft 365 Benchmark version 3.0 is an updated set of security guidelines tailored for the Microsoft 365 environment. This new version reflects the latest best practices and security configurations suitable for Microsoft 365, addressing the evolving cybersecurity landscape. It includes revised recommendations, new security controls, and adjustments to existing guidelines, ensuring that users can effectively secure their Microsoft 365 deployments. The benchmark is designed to assist organizations in enhancing their security posture and achieving compliance with industry standards.

What’s New in Security for Ubuntu 23.10
It’s that time of the year again: With a new release of Ubuntu Linux on the horizon, we’re continuing our tradition of diving deep into what’s new in security. This release is probably Ubuntu's smallest in recent memory in terms of new security features, but that doesn’t mean it’s not worth upgrading.

Windows CIS Benchmarks 2.0: What You Need to Know
The Center for Internet Security (CIS) recently released an updated 2.0 version of their workstation and server benchmarks for Windows 10, 11, 2016, 2019, and 2022. These new releases come with significant changes, including new security recommendations and the removal of outdated practices.

What’s New in Debian 12 Security
It’s been almost two years since Debian 11 was released, and since then the Linux community as well as Debian package maintainers have been busy shipping exciting new security features. There are literally too many to list in a blog post like this, so we’ll see if we can cover some of the most interesting new features you may have missed if you’re not reading through changelogs with a fine-toothed comb.

CIS Hardening Helper Series by Mondoo - Part 1
In the pursuit of hardening various Linux systems to comply with the Center for Internet Security (CIS) Benchmarks, system administrators frequently encounter two common issues. The CIS Benchmarks are standards for securely configuring a system, and they're widely adopted as best practices for hardening systems against cyber threats.

Upgrade your Security with Latest Features in Ubuntu 23.04
It’s that time of the year again for a new release of Ubuntu Linux, and here at Mondoo, we’re going to continue our tradition of discovering what’s new in security. Ubuntu 23.04 may not bring revolutionary security changes, as it has only been 6 months since Ubuntu 22.10 came out, and not many core components have received major updates. However, Ubuntu 23.04 offers refinements to its predecessor, with plenty of patch release updates included. There are significant updates to popular bundled servers such as MariaDB, PostgreSQL, and Samba. Domain controller or database server users running Ubuntu should stay tuned for some good reasons to upgrade to 23.04.

Amazon Linux 2023: A Comprehensive Overview of New Features and Updates
Nearly five years after the first release of Amazon Linux 2, Amazon has introduced a new Amazon Linux LTS release, Amazon Linux 2023. This update brings significant changes for administrators and application developers, making it an attractive alternative to other distributions like Ubuntu 22.04.

Exploring the Latest Security Features in Ubuntu 22.10
If you're a sysadmin considering updating your desktop deployments or running non-LTS builds on servers, this guide is for you. In this article, we will explore the latest security features in Ubuntu 22.10 (Kinetic Kudu), including upgrades to OpenSSH 9.0, Sudo 1.9.11, Systemd 251, and Kernel 5.19. While this release may not have many new security features, it includes some significant upgrades that make it worth exploring.

Protect Your VMware ESXi Servers from ESXiArgs Ransomware with CVE-2021-21974 Patch
VMware ESXi servers have been targeted by a new ransomware called ESXiArgs. The attackers are exploiting a two-year-old vulnerability, CVE-2021-21974, in the OpenSLP service. The vulnerability is caused by a heap overflow issue and can be exploited by unauthenticated actors. ESXi servers in versions 6.x and prior to 6.7 are the current target. VMware confirmed that this attack exploits older ESXi flaws and not a zero-day vulnerability.

Mondoo’s Full-Stack Security Platform Is Now Red Hat Certified
Mondoo’s full-stack security platform has always featured industry-leading operating systems and cloud support, and now that support is vendor certified. We’re delighted to announce that Mondoo Client is now officially certified for Red Hat Enterprise Linux 8 and 9 operating system releases running on both x86 and ARM architectures.

A Complete Guide to Easy Windows Patch Management
Patch management involves distributing and applying updates to software, essential for security, compliance, and system uptime. Mondoo provides solutions to identify missing patches and facilitate their deployment across various systems, ensuring a robust security posture and smooth operation.

A Complete Guide to Easy Linux Patch Management
Patch management involves distributing and applying updates to software, including operating systems, platforms, and applications, to fix vulnerabilities and ensure system security, compliance, and uptime. Mondoo offers solutions to identify missing patches and facilitate their deployment across various systems, enhancing overall security and operational efficiency.

What Do the New Security Guidelines for PowerShell Mean for You?
Cybersecurity agencies in the US, UK, and New Zealand have issued new recommendations for securing Windows PowerShell. Let’s see how different these guidelines are from existing CIS and STIG benchmarks, and how you can put them into action.

Amazon Linux 2022 features and how to check for vulnerabilities
The year of LTS Linux releases continues! Amazon is now shipping preview releases for Amazon Linux 2022, their latest long-term support (LTS) version of Amazon Linux. With this version, Amazon joins the LTS party started by Ubuntu Server 22.04 LTS, which we previously discussed in this blog.

New Security Features in Ubuntu 22.04 Server
Canonical recently released their latest long-term support (LTS) version of Ubuntu with Ubuntu 22.04 codenamed Jammy Jellyfish. Ubuntu ships an LTS release every two years in April and supports them for a full five years (instead of the usual 18-month support cycles). This extended support cycle makes LTS releases ideal for servers. What exactly is new in Ubuntu 22.04, though? There are plenty of articles showing the latest logos, desktop backgrounds, and display drivers, but nothing that really informs sysadmins.

CentOS 8 is EOL - How to migrate to AlmaLinux and secure the new host
On December 31st, 2021, CentOS 8 officially went end-of-life. This brought an end to one of the most venerable Linux server distributions. CentOS had long been the go-to alternative Linux distribution for teams looking for the stability and compatibility of Red Hat Enterprise Linux (RHEL) without the high licensing costs. The distro was a near-perfect clone of RHEL with the exception of copyrighted terms/logos and some proprietary management software.