Microsoft has released a single patch this month, but don't forget to check out serious updates from Adobe or Oracle.
In its monthly patching exercise, Microsoft released just one fix, for a "critical" flaw in Embedded OpenType Font. The vulnerability needs a user to visit a malicious web page before it hurts computers, however.
Adobe released patches for critical vulnerabilities, including one for a zero-day flaw in Reader and Acrobat, which was discovered last month. In its security bulletin, the firm said: "These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system."
Adobe said the flaw is actively being exploited, but at the time of the discovery decided to keep the fix within its regular patching cycle.
"This has been a relatively quiet month in terms of patch updates from Microsoft," said Ben Greenbaum, senior research manager at Symantec Security Response, in a statement.
"However, we would urge users to pay particular attention to the Adobe update which addresses a serious vulnerability where attempts have been made to steal source code from the some of the world's largest organisations including Google," he added.
Oracle also joined in the fun. It's quarterly patch fixed 25 flaws across seven products, including its database engine.
"The majority of the [Oracle] vulnerabilities are remotely exploitable without authentication and IT admins should be taking a close look at the exposure these products have in their networks," Qualys chief technology officer Wolfgang Kandek said in a statement.
He added: "In general database engines should have no necessity to be connected to open networks, but the application servers are very likely exposed."
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
Organizations shift away from Oracle Java as pricing changes biteNews A survey from Azul Systems finds that, along with cost, customers cite a preference for open source and the threat of a Java usage audit
-
Why Java 17 growth is ‘exploding’News Java 17 is now the most popular LTS version, according to application data from New Relic, but what's driving this growth?
-
SuiteWorld 2023: NetSuite's day-two announcementsLive Blog Keep up-to-date with all the day-two announcements from NetSuite SuiteWorld 2023
-
Adobe co-founder John Warnock dies aged 82News Warnock was pivotal in the development of the PostScript programming language in the early 80s
-
Microsoft defends “negligent” security approach that prolonged vulnerability fix for five monthsNews The tech giant has refuted claims that its practices have left customers “in the dark”
-
Ubuntu shifts to four-week update cycleNews Critical fixes will also come every two weeks, mitigating the issues involved with releasing prompt patches on the old three-week cadence
-
Can Oracle really be Linux's knight in shining armor?Opinion The self-proclaimed champion of open source freedom would like you to forget about its history
-
Microsoft angers admins as April Patch Tuesday delivers password feature without migration guidanceNews Security fixes include a zero day exploited by a ransomware group and seven critical flaws
