Microsoft, Adobe Release Critical Security Updates
Microsoft and Adobe have released critical security updates, with Microsoft addressing 22 vulnerabilities in Internet Explorer and Adobe fixing issues in Flash and Reader/Acrobat. Microsoft released 13 bulletins on May's Patch Tuesday, bringing the yearly total to 53.
The most severe issues addressed by Microsoft include two critical font vulnerabilities in the GDI+ library (MS15-044) and 14 critical Remote Code Execution (RCE) vulnerabilities in Internet Explorer (MS15-043). Additionally, Word and Excel have RCE file format vulnerabilities patched (MS15-046). Adobe's updates, APSB15-09 and APSB15-10, fix critical problems in Flash and Reader/Acrobat.
Organizations like Microsoft, Cisco, Hornetsecurity, and cybersecurity authorities have urged immediate patching for frequently exploited CVEs, such as CVE-2025-54918 (Windows NTLM privilege escalation) and CVE-2025-20333 (Cisco ASA/FTD firewalls). Attackers are exploiting common software and online services to lure targets to malicious websites.
Microsoft recommends patching within two weeks. Only 5% of RCE type vulnerabilities in Microsoft software had working exploits in 2014, but 50% of newly exploited vulnerabilities are hit within two weeks. Contact wkandek@our socials.com for further information.
Read also:
- Belarus Launches First Accredited Cybersecurity Center
- Software Ré́publique Unveils Ambitious Projects: Cybersecurity for Renault, Vehicle Flow Modeling, and Intelligent Charging
- Renault, Dacia Warn of Cyber Attack on Third-Party Data Provider
- Retail Fraud Surges: New Tactics Threaten Consumers and Businesses
