This week, the US Cybersecurity and Infrastructure Security Agency (CISA) added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, citing solid evidence of active exploitation by attackers. The vulnerabilities, for which patches are available, affect Adobe Acrobat and Reader. One of them can be misused to achieve remote code execution with the privileges of the current user.
Meanwhile, Microsoft released security updates for 103 vulnerabilities for its products as part of its regular Patch Tuesday release.
The reports are a reminder of the importance of keeping software and devices up to date, a crucial security practice that should be observed by everyone from individual users to small and medium-sized businesses (SMBs) and large enterprises.