Microsoft Patch Tuesday
Microsoft patched over 120 vulnerabilities this month. 11 of these were rated critical, and one vulnerability is already being exploited.
https://isc.sans.edu/diary/Microsoft%20April%202025%20Patch%20Tuesday/31838)
Adobe Updates
Adobe released patches for 12 different products. In particular important are patches for Coldfusion addressing several remote code execution vulnerabilities. Adobe Commercse got patches as well, but none of the vulnerabilities are rated critical.
https://helpx.adobe.com/security/security-bulletin.html)
OpenSSL 3.5 Released
OpenSSL 3.5 was released with support to post quantum ciphers. This is a long term support release.
https://groups.google.com/a/openssl.org/g/openssl-project/c/9ZYdIaExmIA)
Fortiswitch Update
Fortinet released an update for Fortiswitch addressing a vulnerability that may be used to reset a password without verification.
https://fortiguard.fortinet.com/psirt/FG-IR-24-435)
