January 15, 2014
Not to be left out of this month’s “Patch Tuesday” festivities, Adobe has released security updates for its Reader, Acrobat, Flash Player, and AIR software.
The Security Bulletin [APSB14-01] for Acrobat and Reader applies only to the Windows and Mac OS X platforms. Adobe says the affected software versions are:
- Adobe Reader XI (11.0.05) and earlier 11.x versions for Windows and Macintosh
- Adobe Reader X (10.1.8) and earlier 10.x versions for Windows and Macintosh
- Adobe Acrobat XI (11.0.05) and earlier 11.x versions for Windows and Macintosh
- Adobe Acrobat X (10.1.8) and earlier 10.x versions for Windows and Macintosh
Adobe rates the severity of the vulnerabilities addressed by this bulletin as Critical. You can obtain the new version using the software’s built-in update mechanism (Help / Check for Updates); alternatively, you can download Reader installation packages for all platforms here.
The Security Bulletin [APSB14-02]
for Flash Player
applies to all platforms (Windows, Linux, and Mac OS X). Affected software versions are:
- Adobe Flash Player 11.9.900.170 and earlier versions for Windows and Macintosh
- Adobe Flash Player 126.96.36.1992 and earlier versions for Linux
- Adobe AIR 188.8.131.520 and earlier versions for Windows and Macintosh
- Adobe AIR 184.108.40.2060 and earlier versions for Android
- Adobe AIR 220.127.116.110 SDK and earlier versions
- Adobe AIR 18.104.22.1680 SDK & Compiler and earlier versions
(You can check the version of Flash Player installed on your system by visiting Adobe’s About Flash Player page.) Adobe says this is also a Critical vulnerability. Users of Google’s Chrome browser, of of Microsoft’s Internet Explorer (Versions 10 and 11) should get the new (bundled) Flash Player automatically. Others can obtain installation packages for all platforms from Adobe’s Flash Player Download Center. Please see the Security Bulletin for information on AIR updates.
These Adobe packages have, historically, been popular targets for attackers, because they are widely installed across different platforms. I recommend that you update you systems as soon as you conveniently can.
Comments Off on Adobe Patches Flash Player, Reader | Internet, Security Patches, Software | Tagged: Acrobat, Adobe, AIR, Flash Player, Linux, Mac OS X, Reader, vulnerabilities, Windows | Permalink
Posted by Rich
January 13, 2014
In keeping with its customary schedule, Microsoft on Thursday released its Security Bulletin Advance Notification for January 2014, summarizing the security bulletins, and associated patches, that it plans to release Tuesday, January 14. This will apparently be a relatively light month, with only four bulletins slated for release; all four have an Important severity rating.
Two of the bulletins are for Windows itself. One affects Windows XP and Server 2003; the other affects Windows 7, Server 2008R2, and Server Core. Other versions of Windows (Vista, Server 2008/SP2, 8, 8.1, RT, RT 8.1, and Server 2012) are not affected at all.
One bulletin affects Microsoft Office and server software: Word, Word Viewer, Share Point Server, and WebApps. The final bulletin affects Microsoft ERP package, Dynamics AX.
Microsoft says that the two Windows bulletins will require a system restart; the others may require one, depending on your system’s configuration.
As always, this information is subject to change in the final release. I will post another note here if there appear to be significant changes.
Comments Off on Microsoft Patch Tuesday Preview, January 2014 | Internet, Security Patches, Software | Tagged: Dynamics AX, Microsoft, Office, patch Tuesday, security vulnerabilities, Share Point, Windows, Word | Permalink
Posted by Rich