Hi, everybody - Chad here. Well, we’ve all survived another Patch Tuesday, and here’s a quick rundown. For more info, be sure to check out this month’s Patch Tuesday webinar or blog. August proved to be a lighter month than usual, with just 51 vulnerabilities addressed from Microsoft (seven of which are rated as critical, and only 1 being actively exploited in the wild). This shows a 56% reduction in overall vulnerabilities from July, and 33% fewer vulnerabilities on average for each month so far this year.
On the Automox Patch Tuesday blog, @Eric writes, “This month’s vulnerabilities seem to follow a trend, impacting components in Microsoft Windows that perform network communications, internet connections, printing, file repair, and remote connections…The trend is that remote work is here to stay, making the prioritization of patching these components all the more vital.”
In Adobe news, they gave everyone a break this month and only released two vulnerabilities. Our own @Peter-AX writes on the Automox Blog, “Adobe issued just two security bulletins this month for Magento Commerce and Open, as well as Connect. Mercifully, a lighter month compared to July for Adobe products…The most serious vulnerabilities include arbitrary code execution and security feature bypass outlined in APSB21-64 affecting Magento Commerce and Open Source versions 2.4.3, 2.4.2-p2 and 2.3.7-p1 on all platforms. A handful of the vulnerabilities sport CVSS scores over 9, so we recommend patching within 72 hours.”
As always, stay up to date with Automox Patch Tuesday Central, where you can subscribe to instant vulnerability updates.