Well, this happens to be today since the April Patch Tuesday updates are now live as well. So far, 2021 has been quite abundant in CVEs, with the following numbers being discovered each month:

January: 91 February: 106 March: 97

The April CVE report includes 124 identified CVEs

Vulnerabilities found in Adobe products

As far as Adobe products go, a total of 10 CVEs were identified that affected Adobe Photoshop, Digital Editions, RoboHelp, and Bridge. The Bridge update alone fixed 6 of these CVE, so if you are uisng the program, getting the latest update is almost mandatory. As far as severity gooes, the 10 Adobe-specific CVEs were rated as following:

6 CVEs were rated as Critical 4 CVEs were Bridge-related 2 CVEs were Photoshop-related 4 CVEs were rated as Important

Vulnerabilities found in Microsoft products

As always, the Microsoft products took the bulk of the detected CVEs, with their numbers alone passing the 100 mark. These CVEs affected programs like Microsoft Windows, Edge (Chromium-based), Azure and Azure DevOps Server, Microsoft Office, SharePoint Server, Hyper-V, Team Foundation Server, Visual Studio, and Exchange Server. SPONSORED As far as sheer numbers, this is the highest number of CVEs found in 2021, reaching levels comparable to those of 2020. As far as severity is concerned of these 114 bugs, they were rated as follows:

19 are rated as Critical 88 are rated Important One is rated Moderate in severity.

Which were some of the most severe CVEs?

As always, some CVEs stand out from the rest due to their severity, the way that they can be exploited, or simply by how hard they are to handle once they are taken advantage of.

CVE-2021-28480/28481 Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-28329 Remote Procedure Call Runtime Remote Code Execution Vulnerability CVE-2021-28444 Windows Hyper-V Security Feature Bypass Vulnerability

For a complete list of CVEs, check out the table below: This concludes our briefing over this month’s CVE report, and as you can see the numbers are rather constant, so if you’re using any of the aforementioned products, try to either update as soon as possible or install a third-party antivirus tool to help you out. Keep in mind that these CVEs can be quite dangerous, especially when the updates are not applied and you are left as a target for events like the monthly Exploit Wednesday, which is a derogatory term given to the day after Patch Tuesday. What do you think about this month’s CVE report by leaving your feedback in the comments section below.

Name * Email * Commenting as . Not you? Save information for future comments
Comment

Δ