With Microsoft’s Patch Tuesday other vendors also release patches and updates around the same time. Here are the notifications from the US government Cybersecurity and Infrastructure Security Agency (CISA) – a good resource for keeping up with the major vendor patches:
First of course their notification for Microsoft’s releases:
Microsoft Releases February 2023 Security Updates | CISA
Apple does not do “Patch Tuesday” but they did release some security patches at about the same time:
Apple Releases Security Updates for Multiple Products | CISA
Adobe, Mozilla and Citrix all released security updates:
Adobe Releases Security Updates for Multiple Products | CISA
Mozilla Releases Security Updates for Firefox 110 and Firefox ESR | CISA
Citrix Releases Security Updates for Workspace Apps, Virtual Apps and Desktops | CISA
Known Exploited Vulnerabilities Catalog
CIS maintains a database of known exploits with mitigation advice. Here are two recent updates covering Microsoft, Apple, Intel, TerraMaster and Fortra:
CISA Adds Three Known Exploited Vulnerabilities to Catalog | CISA
CISA Adds Four Known Exploited Vulnerabilities to Catalog | CISA
The Apple and Microsoft flaws (including a Microsoft flaw that would bypass the latest macro protection) have been patched with this week’s Patch Tuesday and Apple security updates.
CISA also releases industrial control system advisories – if you are responsible for these types of systems you should monitor their news page:
My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.
Further Reading
Microsoft Office Macros – The Good, The Bad and the Ugly
