Critical patches for Windows and Flash Player

Filed Under: Adobe, Adobe Flash, Malware, Microsoft, Vulnerability

Flash and Windows
If you're a user of Windows or Flash (and I would imagine that covers the vast majority of you) then it's time to roll out the latest critical security patches, as Microsoft and Adobe have released updates to their software.

First up is Microsoft, who have released a bumper bundle of fixes as part of their regular "Patch Tuesday" cycle, issuing 14 bulletins to remedy 34 security holes in Windows, Internet Explorer, Microsoft Office, Silverlight, Microsoft XML Core Services and Server Message Block.

Eight of the bulletins have been Microsoft's highest severity rating of "critical", with the rest being labelled "important".

The good news, as Chet Wisniewski explains, is that we haven't yet seen any malware spreading by exploiting these vulnerabilities - but that may only be a matter of time.

Separately, Microsoft has also issued an advisory about a zero-day vulnerability, which could allow untrusted code to run on a user's machine by exploiting a weakness in the Windows Service Isolation feature.

Meanwhile, another platform commonly targeted by malicious hackers has been updated to defend against security vulnerabilities.

Adobe has identified critical vulnerabilities in Adobe Flash Player version 10.1.53.64 and earlier, and urged users to update their installations of Flash and Adobe Air.

If you're not sure which version of the Adobe Flash Player you have installed, visit the About Flash Player page. Remember that if you use more than one browser on your computer you should check the version number on each.

By the way, be careful when installing a new version of Flash to think carefully about whether you also want to install McAfee Security Scan Plus. Adobe rather naughtily (in my humble opinion) defaults to having that box selected by default even though it's not necessary if all you want to do is update Flash.

Adobe Flash update with unwanted McAfee

It would obviously be a good idea for everyone to update vulnerable computers as soon as possible.

, ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.