Adobe have released updated versions of their Flash Player. The new versions fix a critical vulnerability that could potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 23.0.0.185 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 23.0.0.205
- Users of Adobe Flash Player 11.2.202.637 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.643
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 11 (on Windows 8.1 and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Friday, October 28, 2016
Friday, October 21, 2016
New Version Of Foxit Reader And Foxit PhantomPDF Available
Foxit Software has released version 8.1 of their Foxit Reader and Foxit PhantomPDF software. The new versions contains fixes for security vulnerabilities that if exploited may allow an attacker to execute arbitrary code in target system.
Affected versions:
Foxit Reader 8.0.2.805 and earlier (Windows)
Foxit PhantomPDF 8.0.2.805 and earlier (Windows)
More information can be read here.
Affected versions:
Foxit Reader 8.0.2.805 and earlier (Windows)
Foxit PhantomPDF 8.0.2.805 and earlier (Windows)
More information can be read here.
Labels:
foxit reader,
pdf reader,
security,
security threat,
update,
vulnerability
Wednesday, October 19, 2016
Oracle Critical Patch Update For Q4 of 2016
Oracle have released updates for their products that fix 253 security issues (including seven Java fixes) in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).
Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.
Next Oracle CPU is planned to be released in January 2017.
Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.
Next Oracle CPU is planned to be released in January 2017.
Google Chrome Updated
Google have released version 54.0.2840.59 of their Chrome web browser. Among other changes the new version contains also 21 security vulnerability fixes. More information about changes in Google Chrome Releases blog.
Wednesday, October 12, 2016
Creative Cloud Desktop Application Update
Adobe have released a security update to fix a vulnerability in their Creative Cloud Desktop Application. The vulnerability (CVE-2016-6935) may allow local privilege escalation.
Affected versions:
Creative Cloud 3.7.0.272 and earlier versions
More information can be read from Adobe's security bulletin.
Affected versions:
Creative Cloud 3.7.0.272 and earlier versions
More information can be read from Adobe's security bulletin.
Labels:
adobe,
creative cloud,
security,
update,
vulnerability
Adobe Reader And Acrobat Security Updates
Adobe have released security updates to fix some vulnerabilities in their PDF products, Adobe Reader and Adobe Acrobat. The vulnerabilities could allow an attacker to take over the affected system.
Affected versions:
*Acrobat DC and Acrobat Reader DC, continuous track
version 15.017.20053 and earlier
*Acrobat DC and Acrobat Reader DC, classic track
version 15.006.30201 and earlier
*of series XI (11.x)
Adobe Reader 11.0.17 and earlier
Adobe Acrobat 11.0.17 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Adobe Acrobat
More information about fixed vulnerabilities can be read from Adobe's security bulletin.
Affected versions:
*Acrobat DC and Acrobat Reader DC, continuous track
version 15.017.20053 and earlier
*Acrobat DC and Acrobat Reader DC, classic track
version 15.006.30201 and earlier
*of series XI (11.x)
Adobe Reader 11.0.17 and earlier
Adobe Acrobat 11.0.17 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Adobe Acrobat
More information about fixed vulnerabilities can be read from Adobe's security bulletin.
Labels:
acrobat,
adobe,
pdf reader,
security,
update,
vulnerability
Adobe Flash Player Update Available
Adobe have released updated versions of their Flash Player. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 23.0.0.162 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 23.0.0.185
- Users of Adobe Flash Player 11.2.202.635 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.637
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 11 (on Windows 8.1 and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 23.0.0.162 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 23.0.0.185
- Users of Adobe Flash Player 11.2.202.635 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.637
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 11 (on Windows 8.1 and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Microsoft Security Updates For October 2016
Microsoft have released security updates for October 2016. This month update contains ten security bulletins of which five categorized as critical, four as important and one as moderate.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Monday, October 10, 2016
Symantec Intelligence Report: September 2016
Symantec have published their Intelligence report that sums up the latest threat trends for September 2016.
The report can be viewed here.
The report can be viewed here.
Monday, October 3, 2016
Google Chrome Updated
Google have released version 53.0.2785.143 of their Chrome web browser. Among other changes the new version contains also three security vulnerability fixes. More information about changes in Google Chrome Releases blog.
ESET Threat Radar Report for August 2016
ESET have published a report discussing global threats of August 2016.
TOP 10 threats list (previous ranking listed too):
1. JS/Danger.ScriptAttachment (1.)
2. LNK/Agent.DA (-)
3. Win32/Bundpil (2.)
4. HTML/Refresh (5.)
5. Win32/Agent.XWT ( 3.)
6. JS/Adware.Agent.L (5.)
7. HTML/ScrInject (6.)
8. HTML/FakeAlert (-)
9. Win32/Ramnit (7.)
10. Win32/Sality (8.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
TOP 10 threats list (previous ranking listed too):
1. JS/Danger.ScriptAttachment (1.)
2. LNK/Agent.DA (-)
3. Win32/Bundpil (2.)
4. HTML/Refresh (5.)
5. Win32/Agent.XWT ( 3.)
6. JS/Adware.Agent.L (5.)
7. HTML/ScrInject (6.)
8. HTML/FakeAlert (-)
9. Win32/Ramnit (7.)
10. Win32/Sality (8.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
Subscribe to:
Posts (Atom)