Wednesday, November 26, 2014

Adobe Flash Player Update Available

Adobe have released updated versions of their Flash Player. The new version adds extra hardening against the vulnerability CVE-2014-8439 (a vulnerability in the handling of a dereferenced memory pointer that could lead to code execution) which was mitigated in the October release.

Affected versions:

- Users of Adobe Flash Player 15.0.0.223 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.239

- Users of Adobe Flash Player 11.2.202.418 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.424

- Flash Player integrated with Google Chrome will be updated by Google via Chrome update

- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update



More information can be read from Adobe's security bulletin.

Sunday, November 23, 2014

WordPress 4.0.1 Released

There have been released new versions of WordPress (blogging tool and content management system) which contains updates to critical security vulnerabilities.

Affected versions:
3.9.2, 3.8.4, 3.7.4 and their earlier versions

More information can be read from the WordPress blog.

Wednesday, November 19, 2014

Google Chrome Updated

Google have released version 39.0.2171.65 of their Chrome web browser. New version contains fixes to 42 security issues.

More information about these in Google Chrome Releases blog.

Symantec Intelligence Report: October 2014

Symantec have published their Intelligence report that sums up the latest threat trends for October 2014.

Report highlights:
- Of the industries attacked through spear phishing, the category of Finance, Insurance, and Real Estate received 28 percent of all attempts in the month of October.
- The largest data breach in October had previously been reported; however, we learned this month that the breach resulted in the exposure of identities within 76 million households.
- OSX.Okaz was the most frequently encountered OSX risk seen on OSX endpoints, making up 28.8 percent of OSX risks.
- Crypto-style ransomware made up 55 percent of all ransomware seen in the month of October.


The report (in PDF format) can be viewed here.

Monday, November 17, 2014

Microsoft Security Intelligence Report Volume 17 Released

Microsoft have released volume 17 of their Security Intelligence Report (SIR)). The Security Intelligence Report (SIR) is an investigation of the current threat landscape. The report can be downloaded here.

Wednesday, November 12, 2014

Google Chrome Updated

Google have released version 38.0.2125.122 of their Chrome web browser. Among other fixes (log) the new version contains an update for Adobe Flash.

More information about these in Google Chrome Releases blog.

Adobe Flash Player And Adobe AIR Updates Available

Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:

- Users of Adobe Flash Player 15.0.0.189 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.223

- Users of Adobe Flash Player 11.2.202.411 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.418

- Flash Player integrated with Google Chrome will be updated by Google via Chrome update

- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update

- Users of the Adobe AIR 15.0.0.302 SDK and earlier versions should update to the Adobe AIR 15.0.0.356 SDK.

- Users of the Adobe AIR 15.0.0.302 SDK & Compiler and earlier versions should update to the Adobe AIR 15.0.0.356 SDK & Compiler.

- Users of Adobe AIR 15.0.0.293 and earlier versions for Android should update to Adobe AIR  15.0.0.356.

- Users of Adobe AIR 15.0.0.293 and earlier versions for Windows and Macintosh should update to Adobe 15.0.0.356.


More information can be read from Adobe's security bulletin.