Oracle has released its Critical Patch Update (CPU) for April 2018 that addresses 254 vulnerabilities across multiple products.
Microsoft issued April 2018 Security Updates that include at least 63 vulnerability fixes, 22 of them rated critical.
Intel released new details of availability for microcode updates that address the Meltdown and Spectre design flaws in Intel processors. According to the company, Intel has stopped working on microcode updates for certain Intel processors as noted in the release.
OpenSSL has released security updates to address several vulnerabilities that impact previous versions of OpenSSL 1.1.0 and 1.0.2.
Microsoft issued new security guidance on the Credential Security Support Provider protocol (CredSSP) vulnerability (CVE-2018-0886) that could allow remote code execution. As part of the updates, Microsoft plans to soon prevent un-patched RDP clients (that uses CredSSP) from authenticating to Windows.
Citrix has released patches for Citrix XenServer that address several vulnerabilities. If exploited, an attacker or malicious administrator of a guest VM could crash or compromise certain XenServer hosts.
Microsoft issued March 2018 Security Updates that includes 75 vulnerability fixes, 15 of them rated critical. The updates address multiple Microsoft products to include Windows, Internet Explorer, Edge, Exchange, Office, Office Services and Web Apps, ChakraCore, PowerShell and Adobe Flash.
Red Hat released security guidance that addresses recent Distributed Denial of Service (DDoS) amplification attacks being performed by attackers who are exploiting vulnerable memcached systems exposed to the internet.
Microsoft issued February 2018 Security Updates that includes more than 50 fixes, 14 of them critical. The updates address multiple Microsoft products to include Windows, Internet Explorer, Edge, Office, Office Services and Web Apps, ChakraCore and Adobe Flash.