May, 2017: Patch Monday: Easy Month and no Attacks

Welcome to this May Patch Monday bulletin. This month delivers patches from Adobe, Apple, Google and Mozilla. The good news this month is that there are no reports of the listed vulnerabilities being attacked in the wild. Take a look at Adobe Flash and your prevalent browsers like Chrome or Firefox. These will be the most impactful targets In the event an exploit is developed for one of the patched vulnerabilities. Follow up with iCloud/iTunes for Windows and Adobe Experience if those are used in the environment. A good question to ask yourself is whether you can accurately determine what is being used in the environment. This can be a difficult but critical question when trying to reduce exposure from unpatched software especially when users can install software themselves.

LOGbinder:Feed your SIEM a High Nutrition Diet

To achieve compliance and to stop APTs, your security analysts need to see what's happening in your applications and on your endpoints Unleash the power of native Windows Event Collection with Supercharger and track every endpoint with no agents, no polling and no noise. Put application audit logs where they belong – in your SIEM. Then correlate application security intelligence with the rest of your security activity. But getting application audit logs into your SIEM is surprisingly difficult. LOGbinder bridges the gap for a growing number of applications.

So, without further ado, here's the chart of non-MS patches that affect Windows platforms in the past month.

Patch data provided by:




Product Version Affected

Date Released by Vendor

Vulnerability Info

Severity / Our Recommendation

Multiple CVE’s

Adobe Flash

Win/Linux and earlier

Mac and earlier


Arbitrary Code Execution

Critical Priority 1: Update within 72 hours


Adobe Experience Manager Forms

6.0, 6.1, 6.2


Information Disclosure

Important Priority 2: Update within 30 days


iCloud for Windows

Before 6.2.1


Arbitrary Code Execution

Update after testing


iTunes for Windows

Before 12.6.1


Arbitrary Code Execution

Update after testing


Google Chrome

Before 58.0.3029.96


Race Condition

Update after testing


Mozilla Firefox

Before 53.0.2/ESR 52.1.1


Denial of Service

Update after testing

Send me this chart next Patch Tuesday.
We will not share your address. Unsubscribe anytime.