With Microsoft’s Patch Tuesday other vendors also release patches and updates around the same time. Here are the notifications from the US government Cybersecurity and Infrastructure Security Agency (CISA) – a good resource for keeping up with the major vendor patches:
First of course their notification for Microsoft’s releases:
Microsoft Releases February 2023 Security Updates | CISA
Apple does not do “Patch Tuesday” but they did release some security patches at about the same time:
Apple Releases Security Updates for Multiple Products | CISA
Adobe, Mozilla and Citrix all released security updates:
Adobe Releases Security Updates for Multiple Products | CISA
Mozilla Releases Security Updates for Firefox 110 and Firefox ESR | CISA
Citrix Releases Security Updates for Workspace Apps, Virtual Apps and Desktops | CISA
Known Exploited Vulnerabilities Catalog
CIS maintains a database of known exploits with mitigation advice. Here are two recent updates covering Microsoft, Apple, Intel, TerraMaster and Fortra:
CISA Adds Three Known Exploited Vulnerabilities to Catalog | CISA
CISA Adds Four Known Exploited Vulnerabilities to Catalog | CISA
The Apple and Microsoft flaws (including a Microsoft flaw that would bypass the latest macro protection) have been patched with this week’s Patch Tuesday and Apple security updates.
CISA also releases industrial control system advisories – if you are responsible for these types of systems you should monitor their news page:
My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.
