Patch Tuesday: Adobe & Microsoft Address 54 CVEs, 17 Critical
This month's Patch Tuesday brings significant security updates, with Adobe and Microsoft addressing a combined total of 54 CVEs, including 17 critical vulnerabilities. Adobe has released patches for multiple products, while Microsoft has focused on browser-related technologies and speculative execution vulnerabilities in Microsoft 365.
Adobe's release includes critical patches for Acrobat, Reader, and Flash, along with updates for Adobe Connect that were published in January 2019. Microsoft has addressed 16 critical CVEs in its browsers and browser-related technologies in Microsoft 365. Additionally, out-of-band patches have been released for Microsoft Exchange Server, addressing a vulnerability discovered in June.
Among the patched vulnerabilities is a critical issue in PowerShell Editor Services in Microsoft 365. A new side-channel attack on speculative execution has also been addressed, ranked as important. Microsoft has provided patches for Flash on supported operating systems and addressed an additional speculative execution vulnerability announced earlier this year in Microsoft 365. Browser vulnerabilities should be prioritized for workstation type devices.
With this month's Patch Tuesday, both Adobe and Microsoft have taken significant steps to mitigate numerous security risks in Microsoft 365. Users and administrators are advised to apply these updates promptly to ensure the safety and stability of their systems.
