January 21, 2015
On Tuesday, January 13, Microsoft issued eight bulletins, including one marked critical, to address security issues in various versions of Windows. Included in the patches are fixes for two flaws in Windows 8.1 that Google recently disclosed as part of its Project Zero security program. Both flaws are also exploitable in other versions of Windows, although Google tested them in Windows 8.1 only. None of the bulletins address flaws in Internet Explorer, a rare occurrence for Microsoft.
Adobe has issued fixes for nine flaws in Flash Player. The flaws could be exploited to record keystrokes or take control of vulnerable systems. Flash Player 18.104.22.1687 is available for Windows and Mac OS X, and FlashPlayer 22.214.171.1249 is available for Linux. Flash will be automatically updated in Google’s Chrome browser and in Internet Explorer running on Windows 8 and 8.1.
Mozilla has released Firefox 35. The latest version of the browser includes fixes for a number of security issues. Several of the flaws have been rated critical. Mozilla has also issued updates for Firefox ESR, SeaMonkey, and Thunderbird.