April Patch Tuesday

We enter into this April Patch Tuesday on the heels of a CISA advisory and updates from Apple (released on April 7th and 10th) for macOS, iPad OS, iOS and Safari resolving two Zero Day exploits (CVE-2023-28205 and CVE-2023-28206). Microsoft has released updates resolving 97 new CVEs with one new confirmed exploited vulnerability (CVE-2023-28252) resolved in the Windows OS update this month. Microsoft has updated the affected products list for CVE-2013-3900, a previously resolved vulnerability that has been confirmed to be exploited. Third-party updates from Mozilla and Adobe have also released and Oracle's CPU release is coming on April 18th, which will be followed by a stream of Java alternatives being updated through the rest of the month.