# Patch Tuesday - Vulnerability Summary

In [30]:
import pandas as pd
from IPython.display import Markdown, display

## Read CSV into a Pandas DataFrame


In [31]:
patch_tuesday_df = pd.read_csv("../../data/patch_tuesday/processed/patch_tuesday_prioritized.csv")

## Summary of the Latest Patch Tuesday Security Updates

In [33]:
# Function to display Markdown text
def print_md(text):
    display(Markdown(text))


# Data Extraction

# Total CVEs
total_cves = patch_tuesday_df["CVE"].nunique()

# Severity Distribution with percentages
severity_counts = patch_tuesday_df["Severity"].value_counts()
severity_percentages = patch_tuesday_df["Severity"].value_counts(normalize=True).mul(100).round(1)
severity_dict = severity_counts.to_dict()
severity_percentage_dict = severity_percentages.to_dict()

# Affected Products
total_products_affected = patch_tuesday_df["Product"].nunique()

# For percentages, calculate the percentage of total vulnerabilities each product represents
product_counts = patch_tuesday_df["Product"].value_counts()
top_affected_products_counts = product_counts.head(3)
total_vulnerabilities = patch_tuesday_df.shape[0]
top_affected_products_percentages = top_affected_products_counts.div(total_vulnerabilities).mul(100).round(1).to_dict()

# Top 5 Prioritized Vulnerabilities based on CVSS and EPSS
top_5_vulnerabilities = (
    patch_tuesday_df.sort_values(by=["CVSS", "EPSS"], ascending=[False, False])
    .head(5)[["CVE", "CVSS", "EPSS", "Title"]]
    .to_dict(orient="records")
)

# Impact Analysis with percentages
impact_counts = patch_tuesday_df["Impact"].value_counts()
impact_percentages = patch_tuesday_df["Impact"].value_counts(normalize=True).mul(100).round(1)
impact_dict = impact_counts.to_dict()
impact_percentage_dict = impact_percentages.to_dict()

# Display Summary
print_md("**Patch Tuesday Summary: Key Highlights from the Latest Security Updates**\n")

# Overview
print_md("**🔍 Overview**\n")
print_md(
    f"- **Total Vulnerabilities Addressed**: {total_cves} CVEs have been patched.")
print_md("- **Severity Breakdown**:")
for severity in ["Critical", "Important", "Moderate", "Low"]:
    count = severity_dict.get(severity, 0)
    percentage = severity_percentage_dict.get(severity, 0.0)
    if count > 0:
        print_md(f"  - **{severity}**: {count} vulnerabilities ({percentage:.0f}%)")

# Affected Products
print_md("\n**🛠️ Affected Products**\n")
print_md(
    f"- {total_products_affected} products are affected.")
print_md("- **Top Affected Products**:")
for product in top_affected_products_counts.index:
    count = top_affected_products_counts[product]
    percentage = top_affected_products_percentages[product]
    print_md(f"  - **{product}**: {count} vulnerabilities ({percentage:.0f}%)")

# Top 5 Prioritized Vulnerabilities
print_md("\n**🚨 Top Prioritized Vulnerabilities**\n")
for idx, vuln in enumerate(top_5_vulnerabilities, 1):
    cvss_score = vuln['CVSS']
    epss_score = vuln['EPSS']

    # Interpret EPSS score
    if epss_score >= 0.7:
        epss_risk = "Elevated risk of exploitation"
    elif epss_score >= 0.3:
        epss_risk = "Notable risk"
    else:
        epss_risk = "Lower risk"
    # Interpret CVSS score
    if cvss_score >= 9.0:
        cvss_rating = "Critical"
    elif cvss_score >= 7.0:
        cvss_rating = "High"
    elif cvss_score >= 4.0:
        cvss_rating = "Moderate"
    else:
        cvss_rating = "Low"
    print_md(f"{idx}. **{vuln['CVE']}**")
    if pd.notna(vuln['Title']):
        print_md(f"   - *Title*: {vuln["Title"]}")

    print_md(f"   - *CVSS Score*: {cvss_score} ({cvss_rating})")
    if pd.notna(vuln['EPSS']):
        print_md(f"   - *EPSS Score*: {epss_score} ({epss_risk})")

# Impact Analysis
print_md("\n**💥 Impact Analysis**\n")
for impact, count in impact_dict.items():
    percentage = impact_percentage_dict[impact]
    print_md(f"- **{impact}**: {count} vulnerabilities ({percentage:.0f}%)")

**Patch Tuesday Summary: Key Highlights from the Latest Security Updates**


**🔍 Overview**


- **Total Vulnerabilities Addressed**: 375 CVEs have been patched.

- **Severity Breakdown**:

  - **Critical**: 10 vulnerabilities (10%)

  - **Important**: 83 vulnerabilities (84%)

  - **Moderate**: 6 vulnerabilities (6%)


**🛠️ Affected Products**


- 61 products are affected.

- **Top Affected Products**:

  - **Mariner**: 246 vulnerabilities (66%)

  - **Microsoft Edge (Chromium-based)**: 35 vulnerabilities (9%)

  - **Windows Routing and Remote Access Service (RRAS)**: 6 vulnerabilities (2%)


**🚨 Top Prioritized Vulnerabilities**


1. **CVE-2022-36648**

   - *CVSS Score*: 10.0 (Critical)

2. **CVE-2024-41110**

   - *CVSS Score*: 9.9 (Critical)

   - *EPSS Score*: 0.00045 (Lower risk)

3. **CVE-2024-42154**

   - *CVSS Score*: 9.8 (Critical)

   - *EPSS Score*: 0.00378 (Lower risk)

4. **CVE-2024-38199**

   - *Title*: Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

   - *CVSS Score*: 9.8 (Critical)

   - *EPSS Score*: 0.00143 (Lower risk)

5. **CVE-2024-38140**

   - *Title*: Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

   - *CVSS Score*: 9.8 (Critical)

   - *EPSS Score*: 0.00143 (Lower risk)


**💥 Impact Analysis**


- **Elevation of Privilege**: 39 vulnerabilities (39%)

- **Remote Code Execution**: 33 vulnerabilities (33%)

- **Spoofing**: 8 vulnerabilities (8%)

- **Information Disclosure**: 8 vulnerabilities (8%)

- **Denial of Service**: 6 vulnerabilities (6%)

- **Security Feature Bypass**: 4 vulnerabilities (4%)

- **Tampering**: 1 vulnerabilities (1%)