March brought us back to a more exciting time, compared to February. Microsoft has addressed 89 new vulnerabilities this month, representing a 60% increase from the previous month. Of this total, 14 are rated as “critical” with 5 that are being actively being exploited in the wild. And you didn’t think I’d miss the whole Microsoft Exchange incident, did you? 4 of those exploited vulnerabilties are specific to Microsoft Exchange Server.
These Microsoft Exchange vulnerabilities were important enough for the “CISA,” the US Cybersecurity and Infrastructure Security Agency, to issue an emergency directive following the release of fixes for these zero-day vulnerabilities in Microsoft Exchange.
In the midst of more severe vulnerabilities, Adobe had a modest release of three security updates addressing a handful of vulnerabilities, 5 of which are critical affecting Creative Cloud Desktop Application (APSB21-18), Adobe Connect (APSB21-19), and Adobe Framemaker (APSB21-14). Admins contending with the more serious fallout of recent nation-state attacks might consider prioritizing APSB21-18.
Don’t forget to register for our Patch Tuesday webinar tomorrow, 3/10 at 12pm ET!