Oracle released their April 2017 Critical Patch Update, that resolves a record breaking 299 vulnerabilities across all of their products. Of these 299 vulnerabilities, over 100 are remotely exploitable without authentication. The three products with the most security updates are Oracle Financial Services Applications with 47 vulnerabilities and Oracle Retail Applications and Oracle MySQL, which are tied at 39 fixes. Java, which is notorious for being used by exploit kits to install malware on vulnerable systems had 8 new security fixes, with 7 of them being remotely exploitable. Complete list of addressed vulnerabilities can be found here.

Drupal has released an advisory to address a vulnerability in Drupal core 8.x versions prior to 8.2.8 and 8.3.1. A remote attacker could exploit this vulnerability to obtain sensitive information.

Google has released Chrome version 58.0.3029.81 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker may exploit to take control of an affected system.