Thursday, September 22, 2016

Mozilla Firefox Updates Released

Mozilla have released updates to Firefox browser to address a bunch of vulnerabilities of which several categorized as critical and high.

Affected products are:
- Mozilla Firefox earlier than 49
- Mozilla Firefox earlier than ESR 45.4

Lists of fixed vulnerabilities:
- Security vulnerabilities fixed in Firefox 49
- Security vulnerabilities fixed in Firefox ESR 45.4

Fresh version can be obtained via inbuilt updater or by downloading from the product site:
Firefox

Sunday, September 18, 2016

VMware Updates Available

VMware has released security update to patch multiple vulnerabilities in their virtualization applications.

Affected versions:
- VMware Workstation Pro versions earlier than 12.5.0 on Windows platform
- VMware Player versions earlier than 12.5.0 on Windows platform
- VMware Tools versions earlier than 10.0.9 on Mac OS X platform
- VMware ESXi versions 6.0 and 5.5 and Fusion versions earlier than 8.5.0 include also vulnerable version of VMware Tools

Further information including updating instructions can be read from VMware's security advisory.

Security Update Available for Adobe AIR SDK & Compiler

There has been released a new version of Adobe AIR SDK & Compiler. New version adds support for secure transmission of runtime analytics for AIR applications on Android (CVE-2016-6936).

Affected are Adobe AIR SDK & Compiler 22.0.0.153 and earlier versions on Windows and Macintosh.

More information from Adobe security bulletin.

Vulnerabilities Fixed In Adobe Digital Editions

Adobe have released a new version of their ebook reader software Adobe Digital Editions. The new version fixes critical memory corruption vulnerabilities that may allow an attacker to execute arbitrary code in vulnerable system.

Affected versions are Adobe Digital Editions 4.5.1 and earlier versions on Windows, Macintosh, iOS and Android. Users of affected versions should update their versions to the latest one (currently 4.5.2).

More information (including download instructions for new version) can be read from Adobe security bulletin.

Adobe Flash Player Update Available

Adobe have released updated versions of their Flash Player. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:
- Users of Adobe Flash Player 22.0.0.211 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 23.0.0.162

- Users of Adobe Flash Player 11.2.202.632 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.635

- Flash Player integrated with Google Chrome will be updated by Google via Chrome update

- Flash Player integrated with Internet Explorer 11 (on Windows 8.x and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update


More information can be read from Adobe's security bulletin.

Wednesday, September 14, 2016

Google Chrome Updated

Google have released version 53.0.2785.113 of their Chrome web browser. Among other changes the new version contains also security vulnerability fixes. More information about changes in Google Chrome Releases blog.

Microsoft Security Updates For September 2016

Microsoft have released security updates for September 2016. This month update contains 14 security bulletins of which seven categorized as critical and also seven as important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.