Adobe and Oracle Release Critical Updates

Adobe released a fix for a zero-day bug in Adobe Flash Player for Windows and Mac. Users should update to Adobe Flash Player 17.0.0.169. If you are unsure whether your browser has Flash installed or what version it may be running, go to Adobe’s Flash Player page. Internet Explorer on Windows 8 and Chrome should automatically update.

Oracle’s quarterly critical patch update plugs 15 security holes in Java 8. If you have Java installed and use it for specific websites or applications, update as soon as possible. Windows users can check for the program in the Add/Remove Programs listing or visit Java.com and click the “Do I have Java?” link on the home page. Note that Oracle will be ending support for Java 7 after this update of Java 8 (Update 45).

Read the full story at Krebs on Security.

Various Security Updates in January

Microsoft

On Tuesday, January 13, Microsoft issued eight bulletins, including one marked critical, to address security issues in various versions of Windows. Included in the patches are fixes for two flaws in Windows 8.1 that Google recently disclosed as part of its Project Zero security program. Both flaws are also exploitable in other versions of Windows, although Google tested them in Windows 8.1 only. None of the bulletins address flaws in Internet Explorer, a rare occurrence for Microsoft.

Adobe

Adobe has issued fixes for nine flaws in Flash Player. The flaws could be exploited to record keystrokes or take control of vulnerable systems. Flash Player 16.0.0.257 is available for Windows and Mac OS X, and FlashPlayer 11.2.202.429 is available for Linux. Flash will be automatically updated in Google’s Chrome browser and in Internet Explorer running on Windows 8 and 8.1.

Mozilla

Mozilla has released Firefox 35. The latest version of the browser includes fixes for a number of security issues. Several of the flaws have been rated critical. Mozilla has also issued updates for Firefox ESR, SeaMonkey, and Thunderbird.

Adobe Issues Updates for Flash Player and AIR

Adobe has released updates for its Flash player and AIR to address 18 security flaws. Updates are available for Windows, Mac, and Linux. The Most current version of Flash is now 15.0.0.223; the most current version of AIR for Windows, Mac, and Android is now 15.0.0.356. Windows users who run browsers other than Internet Explorer (IE) may need to updates twice: once for IE and once for the other browser.

Read the full story in the news.

Adobe Releases Flash Player Update, Delays Reader and Acrobat Fixes

Last week, Adobe released an update for Flash to address a dozen critical flaws. Chrome and IE 11 users will find their versions of Flash automatically updated.  You can see which version you have installed here, or download Adobe Flash Player here.

Fixes for flaws in Reader and Acrobat that had been scheduled to be released last week are delayed until this week so Adobe can conduct further testing.

Read the full story in the news.

Flash Player Updates & Microsoft Security Updates

ADOBE

Due to recent security vulnerabilities in Flash Player, Adobe has released version 14.0.0.145 (11.2.202.394 for Linux) this week for all platforms. All operating systems on the now out-of-date versions are vulnerable and recommended to update to the latest version. Additionally because of the severity of these vulnerabilities, Apple has blocked all out-of-date Flash Player plug-ins for OS X.

From Apple: “Due to security issues in older versions, Apple has updated the web plug-in blocking mechanism to disable all versions prior to Flash Player 14.0.0.145 and 13.0.0.231.”

Install or check your version of Flash Player in your browser here.

For assistance, contact the Help Desk at 617.253.1101 or helpdesk@mit.edu. You can also submit a request online.

MICROSOFT

Last week on Patch Tuesday, July 8th, Microsoft released six updates to address 29 security vulnerabilities.

Systems affected:

  • Internet Explorer (all supported versions)
  • Microsoft Windows (all supported versions)

There was also updated firmware for all Microsoft Surface tablets, labeled “System Firmware Update – 7/8/2014,” available via Windows Update, improving various hardware issues.

Read the story in the news.

Oracle and Adobe’s First Critical Patches of 2014

Adobe-LogoOracle and Adobe will release critical patches along side Microsoft on Patch Tuesday. Expected updates:

Adobe Releases Security Updates for Flash, ColdFusion

Adobe-LogoAdobe has released security updates for Flash Player and ColdFusion to address four vulnerabilities. The Flash update is available for Windows, Mac, and Linux. According to Adobe, the updates are not related to the recent theft of ColdFusion source code.

Read the full article online.

Follow

Get every new post delivered to your Inbox.

Join 79 other followers