Apple, Microsoft, Google, Mozilla and Adobe have all issued critical patches in the last week! Updating and patching these systems is critical to protecting yourself and your organization.

Apple has released patches for IOS (iPhones and iPad) devices and Mac OS for vulnerabilities that are reportedly being actively exploited.

Google has released security updates for its Chrome browser that are also reportedly being actively exploited in the wild.

Microsoft released patches for its Windows 10/11 and server Operating systems that include 3 critical 0-day flaws that have been implicated in recent malware campaigns.

Mozilla has patched a high severity flaws in its Firefox web browser that could allow an attacker to run arbitrary code on a system if the users clicks on the wrong URL or document.

Lastly, Adobe has released patches to address critical flaws in its Acrobat and Creative Cloud programs that could allow an attacker to run arbitrary code on a system if the users clicks on the wrong URL or document.

What do I need to do?

Users should complete the installation of patches when prompted and not delay or defer them.

Users of  Apple mobile devices should check for and install updates manually.

Specifically, the user should take the following actions:

• Updates can be manually installed for Windows and MacOS systems by following the directions below:
  • Apple MacOS: https://support.apple.com/en-us/HT201541
  • Microsoft Windows: https://support.microsoft.com/en-us/windows/update-windows-3c5ae7fc-9fb6-9af1-1984-b5e0412c556a
• Users should check for and install updates for all Apple IOS devices.
  • Apple IOS: https://support.apple.com/guide/iphone/update-ios-iph3e504502/ios
• Update Mozilla Firefox: https://support.mozilla.org/en-US/kb/update-firefox-latest-release
• Update Adobe Acrobat: https://helpx.adobe.com/acrobat/kb/install-updates-reader-acrobat.html
• Update Google Chrome: https://support.google.com/chrome/answer/95414

Additional Details:

• https://www.bleepingcomputer.com/news/apple/apple-fixes-safari-webkit-zero-day-flaw-exploited-at-pwn2own/
• https://www.bleepingcomputer.com/news/apple/apple-backports-fix-for-zero-day-exploited-in-attacks-to-older-iphones/
• https://www.bleepingcomputer.com/news/microsoft/microsoft-may-2024-patch-tuesday-fixes-3-zero-days-61-flaws/
• https://thehackernews.com/2024/05/chrome-zero-day-alert-update-your.html
• https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/

As always if you have any additional questions or concerns about this latest security disclosure, please feel free to reach out.