
Tenable Achieves PROTECTED IRAP & Hits Record Patch Tuesday

Summary

– Tenable Cloud Security achieved “PROTECTED” level assessment under Australia’s IRAP, ensuring its security controls meet government standards.
– The IRAP assessment provides assurance to Australian government agencies that Tenable’s platform has been independently reviewed for secure cloud use.
– Tenable Cloud Security offers a unified platform that embeds security throughout the cloud development lifecycle to address multi-cloud challenges.
– Microsoft’s October 2025 Patch Tuesday set a record with 167 CVEs patched, including seven critical vulnerabilities and two exploited zero-days.
– Notable vulnerabilities included CVE-2025-24990 in Agere Modem and CVE-2025-59230 in Windows Remote Access, both exploited as zero-days requiring immediate attention.

Tenable Cloud Security has officially achieved PROTECTED level certification under Australia’s Information Security Registered Assessors Program (IRAP), a significant milestone that validates the platform’s robust security controls for government cloud deployments. An independent IRAP assessor endorsed by the Australian Signals Directorate thoroughly evaluated Tenable’s Cloud-Native Application Protection Platform against stringent Information Security Manual controls. This independent review provides government agencies with the confidence that Tenable’s underlying security measures meet the high standards required to protect sensitive data, enabling more informed, risk-based decisions for their cloud security strategies.

Robert Huber, Tenable’s Chief Security Officer and Head of Public Sector, emphasized the importance of this achievement. “While cloud environments deliver unmatched agility and scalability for government operations, they also introduce considerable security complexities,” Huber stated. “Completing this PROTECTED assessment reinforces our steadfast commitment to supporting the rigorous security requirements of the Australian government through verified, independently assessed controls.”

As agencies increasingly adopt multi-cloud infrastructures, they often struggle with fragmented security tools and a shortage of specialized expertise. Tenable Cloud Security confronts these challenges head-on by delivering a unified platform that integrates security throughout the entire cloud development lifecycle. This proactive methodology allows organizations to pinpoint and remediate vulnerabilities within their code long before deployment, drastically shrinking the attack surface and improving threat visibility across all cloud assets.

In a separate development, Tenable highlighted the unprecedented scale of Microsoft’s October 2025 Patch Tuesday, which addressed a record-breaking 167 Common Vulnerabilities and Exposures (CVEs). This release surpasses the previous high of 157 CVEs documented in January 2025. Among the October patches, seven vulnerabilities were classified as critical, 158 as important, and two as moderate. Elevation of Privilege flaws made up nearly half of all patched issues at 47.9%, while Remote Code Execution vulnerabilities accounted for 17.4%.

Satnam Narang, a Senior Staff Research Engineer at Tenable, provided context for the milestone. “With two months still left in the year, Microsoft has already exceeded last year’s total of 1,009 patched CVEs, reaching 1,021 with this October release,” Narang noted. “Our tracking excludes CVEs patched outside of Patch Tuesday or those not issued directly by Microsoft.”

Several vulnerabilities stood out due to their severity and active exploitation. Two flaws in the Agere Modem driver, bundled with Windows for nearly two decades, were particularly notable. CVE-2025-24990 was exploited as a zero-day before patches were available, while CVE-2025-24052 had been publicly disclosed prior to the update. Even when the modem is inactive, these vulnerabilities could allow attackers to gain administrator privileges. Microsoft’s solution involves completely removing the vulnerable driver, ltmdm64.sys, via the October cumulative update.
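
Because the fix described above is removal of the driver file, a host can be checked by looking for leftover copies of ltmdm64.sys. The PowerShell below is an added example, not code from Microsoft, Tenable or the original article; the two search directories are assumed to be the standard Windows driver locations, since the article gives only the file name.

```powershell
# Added example: inventory check for the Agere modem driver named in the article.
# Assumption: the directories below are the usual Windows driver locations;
# the article itself supplies only the file name.
$driverName  = 'ltmdm64.sys'
$searchRoots = @(
    (Join-Path $env:SystemRoot 'System32\drivers'),
    (Join-Path $env:SystemRoot 'System32\DriverStore\FileRepository')
)

# Copies of the driver file still on disk.
$files = @(foreach ($root in $searchRoots) {
    if (Test-Path -LiteralPath $root) {
        Get-ChildItem -LiteralPath $root -Filter $driverName -File -Recurse -ErrorAction SilentlyContinue
    }
})

# Kernel driver services whose image path still points at the file.
$services = @(Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.PathName -like "*\$driverName" })

$report = @(
    $files | ForEach-Object {
        [pscustomobject]@{
            Kind   = 'File'
            Detail = $_.FullName
            State  = 'LastWrite ' + $_.LastWriteTimeUtc.ToString('u')
            SHA256 = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
        }
    }
    $services | ForEach-Object {
        [pscustomobject]@{
            Kind   = 'Service'
            Detail = '{0} -> {1}' -f $_.Name, $_.PathName
            State  = '{0} / {1}' -f $_.State, $_.StartMode
            SHA256 = $null
        }
    }
)

if ($report.Count -eq 0) {
    Write-Output ('{0}: {1} not found' -f $env:COMPUTERNAME, $driverName)
} else {
    $report | Format-Table -AutoSize -Wrap
}
```

A hit on either check means the driver is still present on that host, which, going by the article's description of the fix, indicates the October cumulative update has not yet been applied there.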

Another significant zero-day, CVE-2025-59230, affects the Windows Remote Access Connection Manager (RasMan), a service managing VPN and dial-up connections. Although RasMan has been patched repeatedly since early 2022, this marks the first instance of in-the-wild zero-day exploitation.

Microsoft Office users should also be alert to two remote code execution vulnerabilities, CVE-2025-59227 and CVE-2025-59234. These flaws are especially dangerous because they can be triggered through the Preview Pane, meaning simply previewing a malicious email attachment, without opening the file, could lead to compromise. Attackers would typically use social engineering to lure targets into previewing rigged Office documents.

(Source: ITWire Australia)
