Adobe Security Patches Released so Far in July 2015

Adobe has posted multiple security advisories and updates for its products this month:

  • Adobe Flash Player: A Security Advisory (APSA15-03) was posted earlier this month regarding a critical vulnerability in Adobe Flash Player, affecting Windows, Macintosh and Linux. Adobe did take quick steps to fix the software. The details of the updates were posted in APSA15-16. A week later, another update was released via APSA15-18. To make sure you have the latest update, go to the About Flash Player page. If using Firefox, Flash may be disabled by default. If on Windows or Macintosh, you should be running version 18.0.0.209. If using Linux, you should be running version 11.2.202.491.
  • Adobe Acrobat and Reader: Adobe Acrobat X and XI and Reader X and XI have security updates (APSA15-15) for critical vulnerabilities. The latest version for Adobe and Reader XI is 11.0.12 and for Acrobat and Reader X is 10.1.15.
  • Adobe Shockwave Player: A security update was released via a security bulletin (APSA15-17) for a vulnerability in Shockwave Player version 12.1.8.158 and earlier. The latest version of the player is version 12.1.9.159, available via the Shockwave Player Download Center.

In all cases, Adobe recommends users update their software to the latest versions. Read more about the Adobe Flash Player update in the news here.

Several big Internet players are calling for the retirement of Adobe Flash. Read that story in the news here.

Adobe Security Updates for Reader and Acrobat

This week Adobe released security updates for Adobe Reader and Acrobat for Windows and Macintosh. The updates patch 34 vulnerabilities in Acrobat X, Acrobat XI, Reader X and Reader XI that could potentially allow an attacker to take over the affected system.

Adobe recommends users update their product installations to the latest versions. Read the details in the Adobe Security Bulletin.

Adobe Updates for Reader and Acrobat XI

Adobe is planning to release security updates on Tuesday, May 13, for Adobe Reader and Acrobat XI (11.0.06) and earlier versions for Windows and Macintosh. The updates address critical vulnerabilities in the software.

Oracle and Adobe’s First Critical Patches of 2014

Adobe-LogoOracle and Adobe will release critical patches along side Microsoft on Patch Tuesday. Expected updates:

Security Updates for Adobe Reader and Acrobat

Adobe-LogoUnrelated to the above problems, Adobe is planning to release security updates on Tuesday, October 8 for Adobe Reader and Acrobat XI for Windows.

Software Patches for Adobe and Mozilla Products

Adobe

Adobe has issued security updates to address critical flaws in Reader, Acrobat, Flash Player and ColdFusion. The updates for Reader and Acrobat address a total of 27 vulnerabilities, 24 of which could be exploited to execute arbitrary code (malware). The updates for Flash address 13 vulnerabilities, and a hotfix for ColdFusion addresses two flaws.

Read the details in the news.

Mozilla

Mozilla has released Firefox 21, which addresses 13 security issues in the previous version of the browser. Firefox 21 also introduces a feature called “Health Report,” which lets users see information about the browser’s performance, including start-up times, total running time, and crashes, as well as the number of plug-ins, add-ons, and bookmarks. Mozilla has also released Firefox 21 for Android.

Read the details in the news.

NOTE FOR THE MIT COMMUNITY: Information Services & Technology recommends that, if you are accessing MIT enterprise applications, such as SAPweb and Employee Self Service, to remain using Firefox ESR, available from the Software grid.

Adobe Releases Security Updates

Adobe Reader and Acrobat

Adobe released updates for Reader and Acrobat X (10.1.3) and earlier for Windows and Macintosh. The updates address vulnerabilities in the software that could cause the application to crash and potentially allow an attacker to take control of the affected system. Adobe recommends users to update their product to the latest versions.

Adobe Shockwave Player

An update was released for Adobe Shockwave Player 11.6.5 and earlier versions on Mac and Windows. It addresses vulnerabilities that if successfully exploited could run malicious code on a system. Adobe recommends users update to version 11.6.6 using the instructions posted in the bulletin.

Adobe Flash Player

Updates for Adobe Flash Player 11.3.300.270 and earlier have been released for Windows, Macs and Linux. The updates address a vulnerability that could cause the application to crash and potentially allow an attacker to take control of the affected system. Adobe recommends users to update the product to the latest versions, according the instructions in the bulletin.