In August 2023, both Adobe and Microsoft released critical security updates to address vulnerabilities present in their respective software products. These vulnerabilities, if exploited, could potentially allow attackers to compromise systems and gain unauthorised access. The Cybersecurity and Infrastructure Security Agency (CISA) in the USA and the Australian Cyber Security Centre (ACSC) have issued advisories urging users and administrators to promptly apply the necessary updates to ensure the security of their systems.
Adobe Security Updates
Release Date: August 08, 2023
Adobe has identified multiple vulnerabilities across various products within its software suite. These vulnerabilities, if exploited by malicious actors, can lead to the compromise of affected systems. Users and administrators are strongly advised to review the following Adobe Security Bulletins and take appropriate actions:
- Adobe Acrobat and Reader: APSB23-30
- Adobe Commerce: APSB23-42
- Adobe Dimension: APSB23-44
- Adobe XMP Toolkit SDK: APSB23-45
Users are recommended to update their software installations to the latest versions as soon as possible. Adobe provides several methods to achieve this:
- Manual Update: Users can manually update their product installations by navigating to Help > Check for Updates within the software interface.
- Automatic Update: Products can also be configured to update automatically when updates are detected, requiring no user intervention.
- Full Installer Download: The complete Acrobat Reader installer can be downloaded from the Acrobat Reader Download Center.
For IT administrators managing multiple systems, Adobe recommends referring to the specific release notes for links to installers. Updates can then be deployed using preferred methods, including AIP-GPO, bootstrapper, SCUP/SCCM (Windows), or Apple Remote Desktop and SSH on macOS.
Microsoft Security Updates
Release Date: August 08, 2023
Microsoft has also addressed vulnerabilities within its software ecosystem with the release of the August 2023 Security Updates. These vulnerabilities could potentially allow unauthorised access and control of affected systems. CISA and ACSC strongly advise users and administrators to carefully review Microsoft’s August 2023 Security Update Guide and apply the necessary updates without delay.
This release includes a total of 74 Microsoft CVEs (Common Vulnerabilities and Exposures) and 2 advisories, covering a range of products and components. It is crucial for organisations and individuals to prioritise the installation of these updates to mitigate the risk of potential exploitation.
In a rapidly evolving digital landscape, the timely application of security updates is paramount to safeguarding systems and data. Adobe and Microsoft have taken significant steps to address vulnerabilities present within their products, and users and administrators must take proactive measures to ensure their systems are adequately protected. By following the recommended update procedures outlined in the security bulletins, individuals and organisations can fortify their defences against potential cyber threats.