Patch Tuesday May 2024: zero time to waste patching multiple zero days. All the patch news you need for your small business. If you’re not sure why you should be patching, read Patch Primer for Small Business.
Apple Patch Monday first
Apple got ahead of the other tech vendors by releasing their security updates Monday May 13th. All supported Mac OS (Sonoma, Monterey, Ventura), iPhones going back to iPhone 8 and iPads got important security updates. Apple fixed security problems with AVD (the video and pictures software foundation) and mobile file security.
Be sure to spend some time this week patching your macs and iThingys. Hackers already know about these security holes.
iTunes for Windows got an update back on May 8th which is slowly rolling out to lucky Windows users.
More details on the security updates from Apple and how to update your devices.
Microsoft Patch Tuesday
Microsoft patched two zero day security problems in Windows already under attack by hackers. The most important security hole has to do with MSHTML component. Hackers can exploit the MSHTML component to compromise Office applications usually as a prelude to ransomware infection.
The other zero day also affects Microsoft 365. Again hackers can exploit this vulnerability to bypass security features in Office.
Important notes. This round of Windows updates requires at least two reboots. Microsoft seems to tested the updates only on Lenovo products. Have a Lenovo laptop? These updates are easy. Every other vendor, the updates take over an hour to install. I timed my desktop at the final clean up screen for over 20 minutes.
Be sure to backup your devices before updating.
Also I am seeing Microsoft deliver unwanted Canon printer installs via Windows updates. I have confirmed in multiple cases that the user does not have a Canon printer and never, ever has had one. Yet Microsoft keeps trying to install Canon printers via Windows updates. A few months ago Microsoft installed HP printer software via Windows updates for folks who never had HP printers.
Microsoft continues to discourage folks from installing important updates because of this type of problem.
Adobe Hot Flash (aka Animate)
Adobe replaced my favorite security boondoggle Flash with Animate some years back. This month Adobe updated Animate for the third month in a row.. Adobe also patched Acrobat and Reader, and Illustrator.
Chrome and Chromium
Google patched a critical hole in Chrome last week. This means all the Chromium products got patched including Edge, Vivaldi, Opera. Be sure to close or restart your browser as soon as possible.
Patch Tuesday May 2024
Zero time to waste patching multiple zero days.