It\u2019s Patch Tuesday. Microsoft only produced four security bulletins this month, and none of them are even rated as Critical. Yawn.\tThere are some crucial updates today\u2014they\u2019re just not from Microsoft. Adobe and Oracle joined the patch release party, and both have patches you should probably install sooner rather than later.\tTyler Reguly, security research and development manager for Tripwire, sums up Microsoft\u2019s Patch Tuesday. \u201cWaiting for Microsoft's patch drop is a bit like being a kid on Christmas Eve waiting for that new bike you asked for. In today's release, instead of the new bike, I find myself looking at an itchy homemade sweater from Grandma and socks instead of a bike.\u201d\tIn and of themselves, none of the four Microsoft security bulletins stands out as urgent, but Trustwave researchers point out that a combination of successful exploits could be greater than the sum of its parts. \u201cOn their own these vulnerabilities might not be critical, but combined they can be much more serious. If an attacker used a malicious Office document to execute code that takes advantage of the privilege elevation vulnerability, then a phishing email to an unsuspecting user would be all that's necessary.\u201d\tThe real security news today comes from Adobe and Oracle. Adobe has two Critical updates\u2014one for Adobe Acrobat and Reader, and one for Adobe Flash. Successful exploit of either will allow remote code execution and effectively give the attacker complete control of the affected system, so these patches should be applied quickly. Users of Chrome, and Internet Explorer 10 and 11 don\u2019t need to apply the patch for Flash because the Flash vulnerability will be updated automatically as a function of the next browser update.\tOracle is the elephant in the room. With 144 separate vulnerabilities addressed in the latest Critical Patch Update (CPU), Oracle has set a new record. Wolfgang Kandek, CTO of Qualys, explains that Java v7 update 51 alone has 34 different remotely exploitable vulnerabilities.\tKandek stresses, \u201cJava was one of the most attacked softwares in 2013 and it will continue to be so due to its sluggish update record. It was in the news recently when attackers installed malware through advertisements on Yahoo\u2019s homepage by abusing a Java vulnerability on the affected users\u2019 machines.\u201d\tSo, Microsoft may have given IT admins a break, but Adobe and Oracle are here to keep things interesting. Make sure you address all of the patches and updates that impact your environment as quickly as possible.