Other vendors issue their monthly security and feature patches on or around Microsoft Patch Tuesday – it makes sense to get the updates all done together.
The US government Cybersecurity and Infrastructure Security Agency (CISA) – one of my go to cyber security sites – issues regular round-ups of the most commonly used by the US Government. It is still a useful list for other organisations.
Here is the notice for Microsoft’s updates:
Microsoft Releases August 2023 Security Updates
Other advisories are:
Adobe Releases Security Updates for Multiple Products
Fortinet Releases Security Update for FortiOS
Known Exploited Vulnerabilities Catalog
The database of exploited software flaws is another useful tools. Recent updates include Microsoft .net and Zyxel Routers.
Known Exploited Vulnerabilities Catalog
Your takeaway
You need to have an operational list of the software and hardware you use and monitor if they need patching and check the patching gets done.
CISA also releases industrial control system advisories – if you are responsible for these types of systems you should monitor their news page:
My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.
Clive Catton MSc (Cyber Security) – by-line and other articles