Get ya Patch Tuesday Rundown here! As we do every month, we’ve put together a summary of what you can find in this month’s Patch Tuesday updates and what it might mean for you. June was about in line with what we found from Microsoft in last month’s Patch Tuesday with 49 vulnerabilities addressed vs. 55 in May. But, it represents 33% fewer vulnerabilities on average for each month so far this year. Of these 49 vulnerabilities, 5 were rated as critical, one more than last month, and 52% lower on average. Unfortunately, 6 vulnerabilities are being actively exploited in the wild, one more than the highest monthly number seen so far this year.
These 6 actively exploited vulnerabilities can enable an attacker to gain control of a system, illegally gain critical information, and compromise the security of infrastructure through a vulnerable system. While Automox recommends that all critical vulnerabilities are patched within a 72 hour window, the fact that many of this month’s critical vulnerabilities have no workarounds raises our recommendation to patching these systems with the highest priority. To find a breakdown of these critical and exploited vulnerabilities, take a look at the Automox Team June Patch Tuesday recap here.
Meanwhile, Adobe has released updates for 10 products, with each bulletin receiving Adobe Priority Rating 3, except for the bulletins relating to Acrobat & Reader and Experience Manager which were raised to Priority Rating 2. Many of these updates resolve critical vulnerabilities that can result in arbitrary code execution on both Windows and macOS if successfully exploited. As PDFs are ubiquitous, Adobe Reader & authoring products are often among the most widely installed software on organizational endpoints.
Plus, Mozilla also entered the field again with updates for Firefox, Thunderbird, Firefox for iOS, and Firefox ESR. You can find a list of all of the patches mentioned above in our June Patch Tuesday Index and a more detailed breakdown of these patches here.