Patch Tuesday April 2023

Patch Tuesday April 2023: time to install your patch blossoms to shield against ransomware showers.

Microsoft Updates

Microsoft released over 90 security updates today. Most important is a patch for a vulnerability which hackers use to install ransomware. The patch applies to Windows 10, 11 and Server 2016 and 2019.

Also of interest, Microsoft released another patch affecting RAW images. This is the third time in six months hackers have exploited flaws in how Windows and the Photo app handle RAW images.

There were also updates for Office products both Mac and Windows versions. And Microsoft patched a flaw with bluetooth devices.

Total number of patches today is 97 with 7 critical including the ransomware block. More details here. Microsoft also issued 17 patches for the Edge browser last week.

Adobe Acrobat

Adobe released security patches for Acrobat and Acrobat Reader today. Normally this software checks for updates and automatically install updates. You can manually check for updates from the Help menu.Adobe Acrobat update

Apple Bytes

Apple released updates for iThingys and Macs on April 7th and April 10th. The first batch of patches only applied to iOS 16 and macOS 13. Yesterday’s patches are for older devices running iOS 15.7 macOS Big Sur 11.7.6. Apple released those patches to fix two major security vulnerabilities hackers are exploiting. More details here.

Mac users should also update Safari to version 16.4.1.

Windows users should update iTunes. iOS update

WordPress Elementor Pro Plugin

Hackers are exploiting the Elementor Pro plugin for WordPress. The Elementor Pro creators have released two updates to the plugin. First update was at the end of March. Second update April 9th.

Out of date plugins are the highway to web site hacking.

Patch Tuesday April 2023

An ounce of patching is cheaper than a pound of hacking. If you’re not sure what to update or why, read my Patch Primer for Small Business.