However, another key aspect to these updates is the security improvements that come with them, and that’s pretty much why we recommend that everyone get these updates as soon as they become available in your region. Well, May 11th is here, and so are the Patch Tuesday updates, and this means that the CVE reports are here as well. So far, 2021 has been quite abundant in CVEs, with the following numbers being discovered each month:

January: 91 February: 106 March: 97 April: 124

All in all, here’s a brief rundown of this month’s CVE situation for both Adobe and Microsoft-related products, and we will also highlight some of the more severe ones detected.

The May CVE report includes 98 identified CVEs

Vulnerabilities found in Adobe products

Adobe has released a total of 12 patches that are meant to fix 43 identified CVEs that affected Experience Manager, InDesign, Illustrator, InCopy, Adobe Genuine Service, Acrobat and Reader, Magento, Creative Cloud Desktop, Media Encoder, Medium, and Animate. Of the 43 total Adobe CVEs, 14 targeted Adobe Acrobat Reader, one of which has still been left unresolved, and they can be used to exploit user data via modified PDFs opened in Acrobat.

Vulnerabilities found in Microsoft products

The bulk of this month’s CVE report, as always, is the Microsoft-related CVEs, and they add up to a grand total of 55. SPONSORED These CVEs target Microsoft Windows, .NET Core and Visual Studio, Internet Explorer (IE), Microsoft Office, SharePoint Server, Open-Source Software, Hyper-V, Skype for Business and Microsoft Lync, and Exchange Server. As far as severity is concerned of these 55 bugs, they were rated as follows:

4 are rated as Critical 50 are rated Important One is rated Moderate in severity.

Which were some of the most severe CVEs?

Some CVEs stand out in this report either because of how easily they were to exploit, or the popularity of teh program that was targeted, and they are the following:

CVE-2021-31166 HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2021-28476 Hyper-V Remote Code Execution Vulnerability CVE-2021-27068 Visual Studio Remote Code Execution Vulnerability CVE-2020-24587 Windows Wireless Networking Information Disclosure Vulnerability

Here’s a complete list of all the CVEs included in this month’s report: That being said, we will conclude our overview of this month’s CVE report, and we recommend that anyone using any of the affected Adobe or Microsoft products apply the latest Patch Tuesday updates as soon as possible. On the other hand, users could always try third-party antiviruses to help with security, since they work just as well, if not better, than updating your PC. Let us know what you think about this month’s CVE report by leaving us your feedback in the comments section below.

Name * Email * Commenting as . Not you? Save information for future comments
Comment

Δ