Security News > 2021 > May > May 2021 Patch Tuesday: Adobe fixes exploited Reader 0-day, Microsoft patches 55 holes
Adobe has fixed a Reader flaw exploited in attacks in the wild, as well as delivered security updates for eleven other products, including Magento, Adobe InDesign, Adobe After Effects, Adobe Creative Cloud Desktop Application, and others.
Microsoft has plugged 55 security holes, none actively exploited.
Another good reason is that one of these - CVE-2021-28550 - "Has been exploited in the wild in limited attacks targeting Adobe Reader users on Windows."
Microsoft delivered a lighter than usual load of updates on this May 2021 Patch Tuesday, though it covers a wide variety of products.
55 vulnerabilities in all have been fixed, 4 of which are critical, 3 previously publicly known, and none are currently exploited by attackers.
Finally, administrators should consider a quick implementation of updates for Microsoft Exchange Server and Microsoft SharePoint Server, as they are often targeted by attackers.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/ayGaGgVLpDQ/
Related news
- Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited (source)
- Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws (source)
- Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities (source)
- Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day (source)
- August 2024 Patch Tuesday forecast: Looking for a calm August release (source)
- Microsoft discloses Office zero-day, still working on a patch (source)
- Week in review: Tips for starting your cybersecurity career, Patch Tuesday forecast (source)
- September 2024 Patch Tuesday forecast: Downgrade is the new exploit (source)
- Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast (source)
- Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-02 | CVE-2021-28550 | Use After Free vulnerability in Adobe products Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. | 8.8 |