Patching vulnerabilities is a difficult task. Keeping up with and patching them without disrupting users’ experience is tricky. Nonetheless, it is a necessary evil and crucial to cybersecurity hygiene and incident prevention.
On March 12, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued three Cybersecurity Alerts for Adobe, Microsoft, and Fortinet security patches.
The Fortinet release addresses five vulnerabilities CISA “encourages users and administrators to review…and apply necessary updates.” The vulnerabilities could allow a threat actor to “take control of an affected system.”
On Patch Tuesday, Microsoft released 60 (yes, 60) security updates for products, including well-known ones such as Windows Defender, Microsoft Authenticator, Skype, SharePoint, and SQL Server. Applying patches as instructed by Microsoft is recommended by CISA.
CISA also encourages administrators and users to apply six patches to Adobe products.
Applying patches quickly is a solid strategy to help prevent a cyber-attack that exploits a known exploit or zero-day vulnerability. It is hard work but worth it.