Hello Community - Happy Spring!
I don’t know if it’s spring quite yet for you, but let’s just pretend like it is.
It’s time to review Patch Tuesday, so let’s get right into it!
Microsoft had 71 vulnerabilities this month - inline with the 12-month rolling average of 73 per month we’ve seen. Only 3 of these are rated critical. And more good news, no exploited vulnerabilities so far this year! That being said, updates should not be delayed.
Apple disclosed multiple vulnerabilities throughout last month requiring updates to iOS, iPad, watchOS and macOS. Since Apple doesn’t discuss or confirm vulnerabilities until they’ve conducted their own investigation, we recommend prioritizing these updates for your organization.
Google released Chrome 99, and if you haven’t updated yet, be aware that there is an actively exploited zero-day in Chrome 99. They also released a total of 34 security fixes for the month. Be sure to update your instances of Chrome as soon as possible.
Adobe has released updates for 3 of their products, all given a priority rank of three. This indicates these products have not historically been a target for attackers. Nonetheless, it’s always important to update to the latest versions.
Mozilla had two zero-day, actively exploited vulnerabilities for Firefox released this week that allow RCE. We recommend patching these within 24hrs for your organization.
See ya next time!
Jessica Starkey | Technical Marketing Engineer