Could the Vulnerability Fujiwhara Effect Be the New Normal?

Feb 26, 2021

Besides death and taxes, there seems to be one more thing we can rely on as certain—software vulnerabilities.

With new software being released at a faster rate than old software is being discontinued, it seems likely that the number of vulnerability disclosures per year will maintain the accelerating upward trend seen since 2016. Following logically, we can also expect the number of patches for these vulnerabilities to increase accordingly.

Last year, risk-based security coined the phrase “Vulnerability Fujiwhara Effect”. In meteorology, the Fujiwhara Effect is a phenomenon that occurs when two tropical weather systems get close to each other and occasionally merge. For vulnerability management, this phenomenon occurs when multiple software behemoths like Microsoft, Oracle, or Adobe release their software updates and patches on the same day. This confluence of patch releases creates major headaches for IT teams and occurred three times in 2020.

Given that Microsoft had a total of 1,250 patches last year (an increase of 49% from 2019), it seems likely that headaches will become the norm with Fujiwhara Patch Tuesdays being the expected forecast.

Managing this vulnerability onslaught will test the mettle of IT departments across the globe. As we all know, not every patch needs to be implemented immediately, but how do we determine which vulnerabilities are the most critical? 

TOPIA, an efficient, streamlined, and aesthetically pleasing vulnerability management system, figures it out for you. Based on your organization’s unique digital footprint, TOPIA prioritizes vulnerabilities using predictive analysis, contextual risk and known CVEs. Any available patches can be implemented immediately or scheduled during off hours. Patches can be implemented on a single high-risk asset, within an individual team or department, or throughout your entire organization. The keys to adapting to this inundation of vulnerabilities are automation and flexibility. TOPIA gives you both and makes them easy to use.


Photo by Ibrahim Rifath on Unsplash


  • #vicarius_blog


Written by

Kent Weigle

Recent Posts

  • 1

    CISAnalysis - September 30, 2022

    Evan Kling September 30, 2022
  • 2

    Not So Fast: Analyzing the FastCompany Hack

    John Kilhefner September 29, 2022
  • 3

    How to test application with ZAP - Part Two

    Jenny R September 28, 2022
  • 4

    How to test application with ZAP - Part One

    Jenny R September 28, 2022
  • 5

    The World's Worst Hackers Have Flags

    Paul Lighter September 27, 2022

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial