Critical patches for Windows and Flash Player

by Graham Cluley on August 11, 2010 | Leave a comment

Filed Under: Adobe, Adobe Flash, Malware, Microsoft, Vulnerability

Flash and Windows
If you're a user of Windows or Flash (and I would imagine that covers the vast majority of you) then it's time to roll out the latest critical security patches, as Microsoft and Adobe have released updates to their software.

First up is Microsoft, who have released a bumper bundle of fixes as part of their regular "Patch Tuesday" cycle, issuing 14 bulletins to remedy 34 security holes in Windows, Internet Explorer, Microsoft Office, Silverlight, Microsoft XML Core Services and Server Message Block.

Eight of the bulletins have been Microsoft's highest severity rating of "critical", with the rest being labelled "important".

The good news, as Chet Wisniewski explains, is that we haven't yet seen any malware spreading by exploiting these vulnerabilities - but that may only be a matter of time.

Separately, Microsoft has also issued an advisory about a zero-day vulnerability, which could allow untrusted code to run on a user's machine by exploiting a weakness in the Windows Service Isolation feature.

Meanwhile, another platform commonly targeted by malicious hackers has been updated to defend against security vulnerabilities.

Adobe has identified critical vulnerabilities in Adobe Flash Player version 10.1.53.64 and earlier, and urged users to update their installations of Flash and Adobe Air.

If you're not sure which version of the Adobe Flash Player you have installed, visit the About Flash Player page. Remember that if you use more than one browser on your computer you should check the version number on each.

By the way, be careful when installing a new version of Flash to think carefully about whether you also want to install McAfee Security Scan Plus. Adobe rather naughtily (in my humble opinion) defaults to having that box selected by default even though it's not necessary if all you want to do is update Flash.

Adobe Flash update with unwanted McAfee

It would obviously be a good idea for everyone to update vulnerable computers as soon as possible.

Tags: , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.