Transcript
Good news is there's a lot to go through, but urgency-wise, there's only a few things that are really concerning out there. So that's at least the good news for this month. But there were a lot of CVEs resolved. So we're going to go through and talk a little bit about some of the recent news, vulnerabilities that you need to be aware of, especially the ones actively being targeted. And then we will shift into Todd's going to walk us through the bulletins and releases for this month. And then we'll wrap up as always with the between the Patch Tuesdays talking about some of the previous releases that had security fixes in them that you'll want to be aware of. Again, Microsoft may do this Patch Tuesday specific event. There's only a few vendors that kind of do a consistent cadence like that. Most vendors are on a continuous delivery cycle now. And that means that we just need to be aware of those things that aren't coming out directly on Patch Tuesday. All right. So this month, we had a lineup from Adobe, Google, and Microsoft yesterday. Adobe did release quite a bit of the Creative Suite and a couple of additional applications yesterday. We're going to talk specifically about the Creative Suite updates, of which six of the applications in there were updated. All of them did include critical CVEs, so they were all rated as critical. No known exploits or anything there. So the urgency is kind of business as usual, included in your regular maintenance, but no need to pull the trigger faster on those. Google Chrome did have a Patch Tuesday release. What you will see, having released from Microsoft from an Edge perspective, was not the Patch Tuesday release. So expect that there will be another Edge browser update shortly after here. And then Microsoft had their typical lineup of Office OS and some other things, so five specific updates that we're going to be talking about there. Most of them included at least a few criticals in them. There were a lot of CVEs resolved this month, 121 from Microsoft. In fact, if you were looking between the actual vulnerabilities list and the release notes, the release notes looked like there was 125 CVEs, but whoever was doing the release notes this month included a few of the Edge Chromium CVEs in the Microsoft list. So 121 net new Microsoft vulnerabilities, and there were a mix that that remaining four was some additionals from that kind of expanded Chromium-based vulnerabilities coming in there as well. So that's if you saw some discrepancies, especially in the news, you may see anywhere from 121 to 126 CVEs is the range that are being talked about from the Microsoft side. That's why we're specifically talking about the Microsoft-centric 121 in this conversation, but depending on which news outlet you're following, you may see some variants of that depending on which number they were going off of. So getting into the news for this month, the first article is directly from Microsoft, and this was talking about the Microsoft Zero Day that was resolved yesterday. This one is absolutely being utilized by a threat actor. There's a malware family called PipeMagic. It's a malware family that the threat actor behind this one is called Storm2460, but they're using this in ransomware campaigns actively today. So that is the urgency. This is the one that the news is pretty much a buzz about right now. So this goes into a little bit of detail about the Zero Day vulnerability, the fact that it's being used in that Storm2460 ransomware campaign. So this is where you may need to decide if you need to push this sooner rather than later. For those of you who have ransomware as one of your top priorities to defend against, this could warrant trying to push the OS update faster than normal. That's obviously a risk-based decision that each organization needs to make on how aggressively they would shift to push something out sooner if needed, but that's the concern with this one is this CLFS exploit is actively being targeted by a threat actor who is using it in a ransomware campaign currently. So there is more details about the ransomware activity. This information may be used by your security teams to observe and monitor for traces of that type of ransomware within your organization, but the OS update this month does resolve this vulnerability. So that is the first article there. The second one, if you're following along in that doc, there's an article here that talks about the Windows CLFS vulnerability again, but also goes into a couple of the additional vulnerabilities resolved by the OS update this month. Todd, I think the OS update this month resolved somewhere in like the high 60s or low 70s of that 121 total CVEs, if I'm correct, right? There were 87 in Windows 10 and 84 in Windows 11. Oh, wow. Okay. It was even higher than I had originally expected. So the majority, about two-thirds of the total CVEs resolved this month are in the OS update. And in there, there are a couple of others that were called out by some different security researchers as concerning. They're ones that would definitely be attractive to threat actors. They are not actively being targeted. They are not publicly disclosed. There's no proof of concepts for these yet. But from a research perspective, they're ideal choices for a threat actor because they enable them to do a lot with very little interaction from a user perspective. In fact, there was a pair of LDAP vulnerabilities, the two here, that do not require any user interaction to be able to exploit. So if they were exploited, it would be something where an attacker could rapidly take advantage of. LDAP can pop up in a lot of places across a network perimeter. So it's definitely a concerning risk within there. And then the two RCE vulnerabilities in Windows Remote Desktop, again, for organizations that are running RDP, and especially if you've got RDP exposed in any level on your perimeter, that's another common entry point for threat actors. So there were other vulnerabilities within the OS update this month that are being called out as a high risk kind of concern. But there's only the one actively exploited right now. So this article kind of goes into a little bit more depth than the Microsoft one. The Microsoft one was only talking about the CLFS zero day. But that's the pair that's talking about the Microsoft side. Additionally, leading up to Patch Tuesday, there have been other vendors who have been releasing and resolving a number of vulnerabilities. If you look at the next article here from CyberScoop, this talks about the Apple updates recently. So they just did several updates, including 62 vulnerabilities on the iOS and iPad platforms. And for the Mac OS, they did have 131 CVEs resolved in Sequoia and 14 affecting Safari. So a lot of vulnerabilities, again, across all the platforms that may be utilized in your organization. In the case of Apple, there's no new actively exploited vulnerabilities, but Apple did port some of the recent vulnerabilities that were actively being targeted back to older platforms because they have been targeted now on those older platforms. So if you remember the WebKit web browser engine vulnerability that was talked about previously, that one is actively being targeted on older platforms now. And the other zero day was the disable USB restricted mode on a locked device. So those are actively being exploited on older platforms. So there's a little bit of detail about that here in this article, just giving you awareness that one, a lot of vulnerabilities on the Apple side as well. So make sure you're keeping up with your cross-platform management there. And two, your older Apple devices are getting updates to resolve those two CVEs. So if you are running any older Mac OS or iOS devices, make sure to get those updated to fix those actively targeted vulnerabilities. On the Google side, our next article, the Infosecurity Magazine article is talking about the Google releases for Android that addressed two zero day vulnerabilities as well. So multiple vulnerabilities, there were 60 additional vulnerabilities resolved, but two of them in particular have been used by different organizations to exploit vulnerabilities on the Android OS. So one of them, Celebrate, is an Israeli digital forensics firm. They've been taking advantage of a few of these vulnerabilities to break into devices. So digital forensics wise, yep, that's kind of a gray area, good and bad. But if these vulnerabilities get actively out into the hands of threat actors, that gets even more risky. So that just increases the risk there. You'll want to make sure that your Android devices are staying up to date. And the last news article here was talking about Google Chrome. So Google Chrome, this was not this week's update or even last week's update, but the update from the week of March 20th. There was a vulnerability there that was being discussed in, let's see if the, he drones on for a little while and okay, here we go, we're finally getting into the actual vulnerability. So the security update for Chrome 134 is resolving this particular vulnerability and doesn't actually give the CVE anywhere in here. That's always helpful. But that is the, I don't like the way some of these vendors break up everything with all of the junk in between, so you can't even follow the article well. Oh yeah, here it is. I was going to say, I thought I saw the CVE somewhere. This is a vulnerability 20252476, use after free memory issue in the lens component of the Chrome browser and could enable remote hacker attackers to exploit heap corruption via crafted HTML. So that's the vulnerability that was resolved in that update on the week of March 20th. And the one that you want to make sure is in place now, since then there have been call it around 15 additional CVEs resolved in the two Chrome updates after that. So along with that update from March, you've got two additional Chrome updates that are resolving multiple vulnerabilities. And you'll just want to make sure your browsers are all up to date. Firefox and Chrome both released security updates on April 1st, no joke. And then Chrome again on patch Tuesday did release another security update. So one of the things for those of you who read the blog article, we have a blog article that goes out on patch Tuesday with a little bit of guidance in there. One of the priorities I've been talking about quite a bit, but I kind of reiterated here based on the recent actions here. Browsers, you really need to get to a cadence of updating weekly. There's so much of a continuous release cycle with the browsers. Chrome releases weekly, meaning Edge releases weekly. And Firefox releases two to three times a month on average. And if there's zero days in any of those, add additional releases beyond that. So updates like this are rather continuous. And the good news is most browser updates don't require a full system restart. So you can just make sure to keep pushing those updates for your browsers and do so independent or in parallel with your regular monthly maintenance. So for those of you who are using Ivanti Neurons for patch management, you remember the update that we did back in July last year was giving you the ability to create three parallel tasks within your policy. One for your normal monthly maintenance, one for priority updates, and one for more zero day response. And each of those can target different levels of updates that you want to include. My guidance to most people when we're talking about that is, yeah, keep your OS updates and your normal everything kind of maintenance in that first task. Put things like your browser updates into that priority updates bucket and then have that zero day response be a daily task that only has to do anything if you've specifically decided that you need to attack an update sooner than anything else. So if you decided you wanted this OS update to go out now instead of waiting for your normal maintenance, rather than going in modifying schedules and trying to do everything there, that zero day response task, you would just add that one patch into your configuration for zero day response. And next time that runs, if you've got it set to daily, it would see that patch missing and be able to deploy it. That's the type of model that organizations are starting to shift over to, is having different tracks with different levels of priority and different scopes of what typically gets remediated in those. If that's something that you're interested in, definitely reach out and we can talk you through more of kind of what some of those evolving best practices are. But that's a lot of what organizations are trying to shift to now. All right. In the news article that I shared before, there are a couple of other links from last month that we talked about. And this was what we had two announcements that Microsoft had previously, the move from Skype to Teams, and then the deprecation of WSUS driver synchronization. So those articles are in here for reference. Once again, if you need to get access to those, we had them in last month's deck as well. We decided to keep them in here for right now, just because there were so many people asking for that information. And then the others are the upcoming end of lives for Exchange Server 2016 and 2019. They're urging migrations to Exchange Online or over to Office 365. So definitely if you're still running Exchange Server, take a look at that. And then Windows 10 and the extended support coming up in October. So Windows 10 is end of lifing. As of October, there won't be any security updates past the October patch Tuesday for any Windows 10 additions, except if you extend the security update support. So if you subscribe to that, that's three years that Microsoft has planned for that. You can subscribe for one, two, or three years. And if you do that, the latest Windows 10 edition only, so you'd have to get all your Windows 10 systems up to that level, and that edition only will be continuing on in the ESU. So more details on those links there if you need any of that information. So that'll wrap up the news portion. Next thing that we were going to talk about is our zero-day vulnerability from Microsoft. So just to make sure everybody has a little bit more detail about that, the one vulnerability that's actively being exploited is this Windows common log file system driver, elevation of privilege vulnerability. The elevation of privilege does give the attacker full system-level privileges. So they would basically own the box if they were able to compromise it. It is actively being exploited. As I mentioned before in that news article, this is tied to that Pipe Magic ransomware campaign. There were a couple of things to note in here. One, yes, the attacker gains system-level privileges. The other note on here, and this one definitely got a little bit confusing in the news. If you look at the different OSs that are supported here, Microsoft specifically did not release for Windows 10 for x64 and Windows 10 for 32-bit. So scroll down here and look at the specific OS editions. You'll notice that the different supported branches, 7 for instance, there are security updates available there. It's only that original release, Windows 10 x64 and Windows 10 32-bit that don't have the information there yet. So if you are running in Todd, is this the LTSC? Is that the specific branch that this, the original Windows 10? They don't make it very clear here, and that's why I wanted to point this out. If you read any of the news articles that are saying Windows 10 updates are not available, it's a bit conflated. It's specifically the original Windows 10 branch, which is the LTSC. That one is not yet released. Microsoft said that in all of the OS updates, you're going to see that note just like we saw. If you scroll down to the OS section under there, your security updates should be available for all Windows 10 branches except for the LTSC. So that's only a concern if you're running the LTSC for specific use cases. It's not going to be all of you, and it's not going to be widely used in the cases where you've got it. Those of you who know you are using it, be aware that OS update is not yet available. Chris, the same discussion came up yesterday on patchmanagement.org. There was a long discussion around LTSC versus all the rest of the other things. Hey, all the other Windows 10 updates came out. What's going on? So yes, it is. Microsoft was not clear on when, and the only notification you're going to get is that the release notes will be updated for these specific things. So in the case of like, depending on how you're implementing your patching, you may have a challenge with the visibility around that. So if you are running LTSC, it might just be a good idea to use the zero-day CVE as kind of your touchpoint, but basically monitor this for when it gets revised. When they revise it, basically you're going to see a note in the revisions down at the very bottom. There'll be a 2.0 and whatever date that it came up on, and they will state that they've released the update for Windows 10, and then you will see the Windows 10 packages be made available there. The links will be live. At that point, you'll have everything you need, depending on if you're doing it through the Microsoft stack, through the Ivanti platform, or any other vendor, depending on who you're using for your patching. That's the indication of when you'll get that there. If you are doing something a little bit more sophisticated, you could probably monitor something like one of these, a specific CVE using the Windows Catalog APIs, just to see when does it revise any of those OS CVEs this month, and look for that as your trigger. But depending on how your organization is monitoring things, this one is definitely going to be, most of us are going to have a hard time seeing this pop up unless you've got something actively monitoring for change. Our content team is going to be monitoring for that, so as soon as those release, we'll be looking to add content support for that and get it released out to our customers. That's the situation there. Go ahead, Todd. Got anything else? Long just dropped us a note. He said the official name is Windows 10 Enterprise 2015 LTSB, still. Got it. Thank you, Long. That is it for the news. I'm going to switch back over to the slides, and we're going to talk about a couple of other things of note. From the Ivanti side, there was one security update this month. That's for those of you running Ivanti Endpoint Manager. This was six vulnerabilities that were in a third-party library. We got that library updated, and a patch is available for that. No public disclosures or active exploits against those, but just so you're aware, there is a security update there. Affected versions if you're running 2022 SU6 and previous, or 2024, there is a patch available for you. On the Linux side, we have a partnership with a vendor called TuxCare. TuxCare does an excellent job of keeping up on the Linux market. The Linux market, as many of you know, is a little bit more nebulous than the Windows or even the Apple platforms as far as how well things are documented and how they roll A lot of times, Linux takes a lot longer to distribute down through all the different distributions because we're dealing with open source. Some of these are more actively maintained than others. Some have a stronger security focus than others. That's where things get a little bit challenging at times. We have asked TuxCare to give us the what should people be watching for at any given time and get a few key nuggets of here's the top things or the things that should be top of mind for you. This month, the first one of these is more of an end-of-life awareness. Again, Linux platforms may have more chance of end-of-life components or older aging components in them than your other platforms depending on how maintained it is. In this case, the first one here, CVE-2025-24070, is a vulnerability in the .NET framework. That is on all platforms, Linux and Windows. The mitigation here, the thing to call out, and the concern from the Linux side is there's a lot more cases of older .NET versions out there. Your vulnerability scanners may or may not detect these vulnerabilities on the .NET 6 side depending on if they're doing detection for things that are end-of-lifed. Microsoft did not document anything as end-of-life there because technically that .NET 6 is end-of-life so they didn't really update anything new for it. But if you are still running .NET 6, this vulnerability is applicable in that case. .NET 7 is also exposed to this vulnerability, but it will not be patched in that version. No official patches for this vulnerability will occur for 6 or 7. You need to move forward to newer .NET versions to resolve this. More of an awareness if you do have older .NET versions, they are now accumulating security risk and you do want to look at how do you mitigate or remove those from your environment. Next is CVE-2025-24813. This is a vulnerability in Tomcat running on any Linux distributions. So it doesn't matter what distro you're on, if you're running Tomcat on there, this is definitely a vulnerability you want to be concerned about. Score on this is a 9.8. So guidance here, they give the version information on what Tomcat versions you need to be up to to be resolved. So you can see here the 11, 10, and 9 branches all have a version that will resolve this. But the vulnerability in this case is definitely a high score. Given how prevalent and well-known line of business apps are running Tomcat, this one could be fairly pervasive. So definitely a concern and one that thread actors will probably take a look at. So that is our Linux lineup. There were servicing stack updates this month, so just be aware of that. For Server 2008 and 2012, and for Windows 10 and 2016 editions. And we've talked about this in the last few months here as well, but we do have the looming Windows 10 end of life coming up in October. So I know that many organizations are actively working to eliminate as much Windows 10 as possible across their organizations. In fact, my system got updated to Windows 11 over this last weekend. And there's, you know, I've been hearing different levels of fun, but performance once you get some of the older systems up to Windows 11 could be a bit of a strain for some of your users. So I'm guessing there'll be the upgrade and then possibly even getting in and having to tweak things to get performance back to a good baseline. If you're running on older hardware, things like Copilot will absolutely put a bit of strain on those systems. In fact, when my system got upgraded, I'm getting a refresh shortly. But it was running probably 10 to 50% CPU usage when I was doing nothing on the system. I got in and started looking around and had to disable a few things. Like I saw that my audio driver was spiking quite a bit. And what was happening was Copilot was interacting with the audio. So I actually went and disabled that. And then I still had, it improved things, but I still had some more challenges after that. So I went and disabled Copilot altogether. And now my system feels like the level of performance I was at pre-Windows 11. As you're pushing some of those older systems in your organization up, just be aware of that. There's definitely some good articles out there for how to tweak configuration around Copilot on the older hardware that you've got running to reduce that impact. But the impact is real. That's a personal experience that both Todd and I ran into. Both of us were running on older hardware and have now since started the process of getting refreshes for ourselves. So, but both of us were overdue for them anyway. The good news is that the upgrade was actually pretty painless. It kept all my favorites, all my recent files, all that good stuff. But like you said, Chris, I ran into the same thing. You know, Copilot running in the background. It was chewing up a lot of CPU time. Yep, yep. The snap, the window snapping, like if you drag an application over to another window and you like snap at the top or the right or the left, there's a lot more options to that now. So it takes a little bit of getting used to. But other than a few nuances like that, like Todd said, I think it was a fairly seamless upgrade and it did very little to impact my overall experience other than, you know, the fact that I was running on older hardware and had the performance impact. So if you've been reading up on or seeing others with those challenges or have experienced it within your own org, there's definitely some reality to that. And Copilot, from everything we're seeing, is definitely one of the top contributors to that performance impact. So, all right, this is just talking about the ESU support. Again, for those who may still be investigating that, if you do plan to run Windows 10 past the end date, Microsoft has support for that. They're going to be running it for three years. Ivanti will be supporting that in three of our products as well. EPM, Security Controls, and Neurons Patch Management will all three support the ESU content. So you just need to reach out to your rep and subscribe to that feed. There is an operational cost for it. For us to continue maintaining Windows 10, we try to be equitable to our customers. Those who need it pay an additional feed for how long they need it. And those who don't need it are not impacted by that. But that just offsets the operational cost of having... We have to run ESU support. We have to run infrastructure continuous on Windows 10 and do the testing and everything for it. So that's what that fee's about. So, I think that wraps up everything for this month. Todd, go ahead and take away the bulletin releases update. Okay, thanks, Chris. Sure, we'll dig into these for the month here. Let's start off with the third-party stuff. Chris did mention the update that came out yesterday for Chrome. Be aware of this one. They said two security vulnerabilities were fixed. They only listed one particular CVE, 2025-3066. So this came out yesterday. So be aware of that one. They rated it high. The next couple here, because we're supporting Creative Cloud with our products today, we have gone through and listed the Creative Cloud updates. As Chris said, overall, Adobe had lots of updates for CVEs. There were 54 altogether. 17 of them you'll see here bundled together in these particular applications that I've listed here. Starting off with After Effects, there were seven vulnerabilities. And also, as Chris mentioned, all these were rated the highest. They had critical vulnerabilities as part of them. So you definitely want to update these as part of your normal application update process this month. So seven vulnerabilities here in Adobe After Effects. Four vulnerabilities in Adobe Animate. Too critical, too important, as I listed there. Single CVE for Adobe Bridge that came out this month. Adobe Media Encoder, two vulnerabilities there as well. And by the way, you can see in the affected products, they're updating both of the versions that they're actively supporting. So it's not just the latest one. It is N-1 as well. So they had one vulnerability here in Adobe Photoshop. And then finally, in Premiere Pro, they had one additional vulnerability fixed there as well. So again, going through, make sure that your Creative Cloud is being updated regularly. Moving into the juicy stuff, the Windows updates that came out yesterday. As I talked earlier, and I mentioned that when Chris was of the 121 vulnerabilities that were released, this one fixed 84 in Windows 11. Pretty big update for this month. I highlighted in red here the one known exploited vulnerability that Chris covered, number 29824. He went through that in quite a bit of detail. As usual, they kind of lumped their updates together into two forms. There's the 2022 H2 and 23 H2, a common update there, covered with KB 505528. And then 24 H2 and server 25 is in the other one. So be aware of that. Again, a Windows 11 update. There were a number of issues reported. Some of these are carryover. We've talked about this Citrix update from the session recording agent that they've had for quite a while now. We've been carrying this forward since January. Citrix does have a workaround identified in the KB. You can go through and read about that. And Microsoft still says they're working on a, you know, on the fly fix as well. So we'll see how that happens. Second thing that popped up this month is the second one I've called audio events here. They said this isn't necessarily a technical problem, but there is a reporting inconsistency. So you may not run into any performance or operational issues with this. But if you're looking into the log and seeing, looking for specifically these audio log on log off events, I'm sorry, audio audit log on log off events, you might not see them properly identified. So they didn't mention this. They did go in in quite a bit of detail about how to go in and modify the registry settings to make sure you're getting accurate results if you really need them. It's a rather extensive step-by-step process. And of course, as usual, they said they are working on an update for this. But this just did appear this month for the first time that I've seen. Another issue that popped up, an edge case with going through and setting up. Funny, this should be mentioned since Chris and I just both went to this and didn't see this particular issue. But they did see the hello screen when you update your system has some issues. And really it's kind of interesting what they said. Well, basically just go through and run through a second time, setting up your pin, setting up your face ID, those kinds of things, and it will be corrected. So just be aware of that one. It's kind of a minor thing, but they did point it out that it is showing up on some of their systems. And of course, this issue with the Roblox game has been around for quite a while now. On the Windows 10 side, 87 vulnerabilities updated. So a few more. Again, the same known exploited vulnerability is present in the Windows 10 updates as well. The 29.8.24 vulnerability Chris talked about. Very similar as far as some of the issues that they're seeing from the Windows 11 side that I just talked about. Those audit events with the log on and log off situation. Same Citrix vulnerability here shows up on the Windows 10 side. One thing that was unique, and this one's been carried along for three months now, is this issue that has to do with this broker.exe. Be aware of this particular one if you run into it. It has to do with Windows Defender Service being disabled. Basically they're saying to ignore it and it will be corrected here in a future release. You can go through the KB and read about this one in a lot more detail if needed. A lot of issues across a lot of different versions of Windows 10, Server 2022 in particular, had all three issues reported this month. And then finally there on the 2022, particularly version 23H2, the Citrix issue is present there as well. It seems like the Citrix issue is pretty prevalent across all versions of the operating system. So just be aware of those as you go through. Those are the known issues reported this month for April. Office updates, a large update for Office this month for the on-premise versions, the 2016 versions you'll notice here. They're also, Chris talked about Android vulnerabilities. There were obviously in addition to the OS stuff that Chris was talking about in the news, Microsoft is updating Office on Android as well. They addressed several vulnerabilities there. Again, 17 this month. None of these are known, exploited or publicly disclosed. So I don't have anything in red here to show you as far as CVEs go. But there were some critical vulnerabilities in there that were addressed. So make sure that as usual, you do all of your Office updates as expected. The online or click-to-run versions of Office also got the regular updates this month. This includes Office 365 apps, Office 2019, and the two long-term service channels, 2021 and 2024. Only 15 vulnerabilities, a lot of overlap with what I had on the previous slide as far as the actual vulnerabilities go. So be aware of that one. Again, 15 vulnerabilities will require application restart in case of the Office updates. And finally, we did see an update for SharePoint server. Usually there's only one or two vulnerabilities this month. They had five that they addressed. I did list them out here just for convenience in case you're wondering what they are. Again, no known, exploited or publicly disclosed vulnerabilities here this month. And they rated this as only as important. So again, this is the only important one that's listed this month. All the others we rated as critical just because there were critical vulnerabilities addressed in them. Moving on to the between the patch Tuesdays, as Chris mentioned, we try to cover as much of the hot stuff on that first set of slides and go through the bulletins as to what came out yesterday or the day before. But obviously vendors are continuously releasing updates for their software. We lump them into a couple of categories. If those of you who are new here, we do try to include security updates that do include CVE information when the vendor reports them. A lot of times the vendor will tell us that these are security updates, but they won't have specific CVEs identified. You can see there's a large number of those there in that center block. And then finally the non-security updates down below there. The number in parentheses indicates the number of updates that came out in the past month. So you'll see some of these here in the next slides. Windows in particular, updates on third-party applications, AutoCAD came out with addressing 14 vulnerabilities. Chris did mention the weekly updates of Google Chrome are the ones that came out between the Patch Tuesdays. Again, the zero day he mentioned listed here, as well as the latest update that came out here on April 1st with nine vulnerabilities and of course today's. Again, these are all cumulative for the most part. So if you're putting the latest Chrome update on, you have these covered. Firefox, obviously another browser coming out with different vulnerabilities, a lot of overlap with what you saw on the previous slide in Google Chrome. ESR is their long-term service branch. The Firefox browser, again, regular updates coming out there as well. Chris did mention the importance of almost a weekly patching on browsers. A couple others here, Snagit, Thunderbird, their long-term service branch again from Mozilla. VMware Tools had an update that fixed one vulnerability. And if you're running Zoom in your environment, they did have an update that came out back on March 31st. Looking to the Apple side where you include Apple information in our regular presentation here as well. Same breakout as far as the vulnerabilities go. Chris did cover in quite a bit of detail talking about all the vulnerabilities that are now showing up in the OS that Apple's having to deal with. Same kind of numbers that overlap here. I include the links behind these number releases here if you wanna go and take a look at them. Sequoia, the latest version, had 131 vulnerabilities. So make sure that you're updating there regularly. What's interesting is that Sequoia includes the Safari updates. The other two, Venture and Sonoma, they do have a separate breakout for the Safari browser update version 18.4. And as Chris mentioned on his slides earlier, they had 14 vulnerabilities that came out this month. Moving into the third parties on top of Apple or the Mac OS basically. Photoshop, a number of updates here. We had an Acrobat Classic update. Of course, the weekly Chrome updates come out for Apple as well. Similarly, the Firefox updates we include here with the CVE information. Of course, Microsoft does release Edge for the Mac devices, so you can run Edge. And these include the Chrome vulnerabilities as well. Again, here, three vulnerabilities, then one, and then the latest one had 13 vulnerabilities. That was released here on April 3rd. So again, make sure you're keeping your browsers up to date on both your Windows and your Mac devices. Finally, last slide here on third-party updates, Thunderbird, of course, and then the Zoom client. Interestingly enough, had four updates, I mean, had four vulnerabilities that were addressed this month. So if you're using Zoom, make sure you keep that up to date as well on your teleconferencing software. Thanks all, and have a great month. We'll talk to you next month. Thanks everyone, bye.
