Black Arrow Cyber Advisory 12 March 2025 – Security Updates from Microsoft, Fortinet, Apple, Adobe, Zoom and SAP

Written By Black Arrow Admin

Executive Summary

Microsoft’s Patch Tuesday for March 2025 delivered 57 security updates across its product line, including 6 actively exploited zero-day vulnerabilities. This month, several other major software and hardware vendors also released critical security updates to address vulnerabilities that could be exploited by attackers.

Fortinet issued 17 security advisories with updates addressing various high, medium, and low severity vulnerabilities across multiple product ranges, including FortiOS, FortiProxy, FortiPAM, FortiSRA, FortiAnalyzer, FortiManager, FortiAnalyzer-BigData, FortiSandbox, FortiNDR, FortiWeb, FortiSIEM, and FortiADC.

Apple released updates to address zero-day security issues across its iPhone, iPad, macOS, and visionOS product ranges, specifically targeting vulnerabilities in WebKit, the browser engine used within Safari and other Apple products.

Adobe provided updates addressing 35 vulnerabilities, including critical issues in various product lines such as Acrobat and Reader, InDesign, and Substance 3D Sampler.

Zoom patched five vulnerabilities in its applications, including four rated ‘high severity’, affecting Zoom Workplace, Rooms Controller, Rooms Client, and Meeting SDK products.

SAP also released 21 new security notes, covering high, medium, and low severity vulnerabilities addressed by security patches.

What’s the risk to me or my business?

The actively exploited vulnerabilities could allow an attacker to compromise the confidentiality, integrity and availability of the affected applications and the organisations data on the affected systems.

What can I do?

Black Arrow recommends applying the available security updates for all supported versions of products that have been impacted by the various vulnerabilities. The updates should be applied as soon as possible for actively exploited vulnerabilities and all other vulnerabilities that have a critical or high severity ratings.

Microsoft

Further details on specific updates within this Microsoft patch Tuesday can be found here:

https://msrc.microsoft.com/update-guide/releaseNote/2025-Mar

Apple, Adobe, Fortinet, Zoom, SAP

Further details of the vulnerabilities in affected Apple, Adobe, Fortinet and SAP:

https://helpx.adobe.com/security/security-bulletin.html

https://support.apple.com/en-us/100100

https://fortiguard.fortinet.com/psirt

https://www.zoom.com/en/trust/security-bulletin/?cms_guid=false&lang=en-US

https://support.sap.com/en/my-support/knowledge-base/security-notes-news/march-2025.html

#threatadvisory #threatintelligence #cybersecurity

Black Arrow Admin
Next

Black Arrow Cyber Threat Intelligence Briefing 07 March 2025