Patch Tuesday March 2023: security patches are springing up all over.
Patch Tuesday March 2023
Patch Tuesday is the second Tuesday of the month when most software vendors release updates for their products. If you’re not sure what to patch or why, read my Patch Primer for Small Business.
Adobe Update News
No updates for Acrobat or Reader this month but the dreaded Creative Cloud Desktop application needs patching. If you don’t update the Creative Cloud Desktop application you can have problems with your other Adobe applications like Acrobat.
Adobe released security updates for Photoshop, Experience Manager, Dimension, Commerce, Substance 3D Stager and Illustrator.
Google released patches to fix forty flaws in Chrome. The worst flaw would allows an attacker to install programs and also view, change and delete data.
Updates should automatically install. To check your version click on the three dots in the upper right hand corner, then scroll down to Help and right arrow to About Google Chrome.
Microsoft patched 74 bugs today, hackers are actively exploiting two of these, nine are rated critical.
One of the actively exploited bugs affects only businesses running their own exchange server and domain. This is an Outlook vulnerability where an attacker can grab domain login credentials. Microsoft has released special support information for those affected here.
The other actively exploited bug affects Windows/Office users. Windows Smart Screen looks at a downloaded file and decides if it was downloaded from the internet. Microsoft call this Mark of the Web and they already patched it once in December. A new flaw in Mark of the Web means a malicious file can be opened in Office without the being marked as from the web and without the SmartScreen security kicking in.
Hackers pushing the Magniber ransomware are exploiting this bug now.
More details on Microsoft’s Patch Tuesday 2023 here.
WordPress 6.2 Coming Soon
The developers at WordPress.org expect to release WordPress 6.2 March 28th this year. With a major WordPress update comes lots of plugin and theme updates. Have you checked your website for updates recently? Hackers get into WordPress sites via out of date themes, plugins and WordPress versions plus poor passwords.
Patch Tuesday March 2023, an ounce of patching is cheaper than a pound of hacking.