Critical patches for Windows and Flash Player
August 11, 2010 by admin
Filed under Security News
If you’re a user of Windows or Flash (and I would imagine that covers the vast majority of you) then it’s time to roll out the latest critical security patches, as Microsoft and Adobe have released updates to their software.
First up is Microsoft, who have released a bumper bundle of fixes as part of their regular “Patch Tuesday” cycle, issuing 14 bulletins to remedy 34 security holes in Windows, Internet Explorer, Microsoft Office, Silverlight, Microsoft XML Core Services and Server Message Block.
Eight of the bulletins have been Microsoft’s highest severity rating of “critical”, with the rest being labelled “important”.
The good news, as Chet Wisniewski explains, is that we haven’t yet seen any malware spreading by exploiting these vulnerabilities – but that may only be a matter of time.
Separately, Microsoft has also issued an advisory about a zero-day vulnerability, which could allow untrusted code to run on a user’s machine by exploiting a weakness in the Windows Service Isolation feature.
Meanwhile, another platform commonly targeted by malicious hackers has been updated to defend against security vulnerabilities.
Adobe has identified critical vulnerabilities in Adobe Flash Player version 10.1.53.64 and earlier, and urged users to update their installations of Flash and Adobe Air.
If you’re not sure which version of the Adobe Flash Player you have installed, visit the About Flash Player page. Remember that if you use more than one browser on your computer you should check the version number on each.
YouTube on IE is forcing to update the flash player
June 12, 2010 by admin
Filed under Security News
If you are visiting YouTube and you want to watch any video you will see this message like this picture:
Because there is a critical vulnerabilities that have been discovered in the current versions of Adobe Flash Player for Windows, Macintosh, Solaris and Linux.
Critical patches: Update your Adobe Flash player now
June 11, 2010 by admin
Filed under Security News
Adobe has issued a security bulletin detailing critical vulnerabilities that have been discovered in the current versions of Adobe Flash Player for Windows, Macintosh, Solaris and Linux.
An update issued by Adobe claims to resolve 32 vulnerabilities in Flash Player – which if left unpatched could leave open a door for hackers to infect innocent users’ computers. Some of the security holes are already being exploited by malicious hackers.
Adobe is recommending that users upgrade to Adobe Flash Player 10.1.53.64.
If you’re not sure which version of the Adobe Flash Player you have installed, visit theAbout Flash Player page. Remember that if you use more than one browser on your computer you should check the version number on each.
Adobe further recommends that users of Adobe AIR version 1.5.3.9130 and earlier versions update to Adobe AIR 2.02.12610.
It is becoming more and more common for cybercriminals to exploit vulnerabilities in Adobe’s software – so it would be a very good idea for everyone to update vulnerable computers as soon as possible.
Critical security update for Adobe Reader and Acrobat
February 19, 2010 by admin
Filed under Security News
Adobe has issued a security bulletin urging users of its Adobe PDF Reader and Acrobat products to update their software before hackers take advantage of two critical vulnerabilities.
Adobe Reader 9.3 for Windows, Macintosh and UNIX, Adobe Acrobat 9.3 for Windows and Macintosh, and Adobe Reader 8.2 and Acrobat 8.2 for Windows and Macintosh are vulnerable to a flaw that could be exploited by hackers to make unauthorised cross-domain requests. This same vulnerability was revealed in Adobe Flash Player last week.
Meanwhile, another flaw could give hackers an opportunity to inject malicious code onto computers via vulnerable installations of Reader and Acrobat.
As we’ve mentioned many times before, it’s essential that you keep your installations of Adobe’s software up-to-date as they are increasingly being taken advantage of by hackers to launch attacks.
Adobe recommends users of Adobe Reader 9.3 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader 9.3.1 if possible. Similarly, Adobe Acrobat should be updated to version 9.3.1. It’s a shame, therefore, that Adobe’s Reader advisory makes such a bad job of linking to the right files.
For instance, the link it is giving for the Mac update actually links to a page full of Windows files:
Hopefully Adobe will sort that out soon, and make it clearer where users can download the right patches for their operating system from. I, for one, am still finding it difficult to locate Adobe Reader 9.3.1.
By Graham Cluley, Sophos
Firefox to alert users about out-of-date Adobe Flash
September 8, 2009 by admin
Filed under Security News
New versions of Firefox will warn users if their version of the Adobe Flash Player plugin is out-of-date.
After downloading the next Firefox release in 3.5.3 or 3.0.1.4, users with out-of-date versions of Flash will be presented with a message saying “you should update Adobe Flash right now”, together with a link to the free update on Adobe’s website.
Mozilla is focusing on Adobe Flash Player due to its popularity and because many internet users still carry out-of-date versions. It said this was a significant security risk and could potentially cause crashes and stability problems.
Mozilla said it would work with other plugin vendors to provide similar checks for their products in the future.
Adobe’s security problems with software have been well documented this year, with multiple flaws seen in Flash Player as well as PDF software Reader and Acrobat.
It also started running a regular security update cycle similar to Microsoft’s Patch Tuesday.
By Asavin Wattanajantra from itpro.co.uk
