Exploit This

Security News, Exploits, and Vulnerabilities.

Adobe, Microsoft Push Critical Security Fixes

Adobe and Microsoft each released critical fixes for their products today, a.k.a “Patch Tuesday,” the second Tuesday of every month. Adobe has updated its Flash Player program to resolve a half dozen critical security holes. Microsoft issued updates to correct at least 65 security vulnerabilities in Windows and associated software.

The Microsoft updates impact many core Windows components, including the built-in browsers Internet Explorer and Edge, as well as Office, the Microsoft Malware Protection Engine, Microsoft Visual Studio and Microsoft Azure.

Flash, Windows Users: It’s Time to Patch

Adobe and Microsoft each pushed critical security updates to their products today. Adobe’s got a new version of Flash Player available, and Microsoft released 14 updates covering more than 75 vulnerabilities, two of which were publicly disclosed prior to today’s patch release.

The Microsoft updates affect all supported Windows operating systems, as well as all supported versions of Internet Explorer/Edge, Office, Sharepoint and Exchange Server.

All of the critical vulnerabilities from Microsoft are in browsers and browser-related technologies, according to a post from security firm Qualys.

Adobe, Microsoft Plug Critical Security Holes

Adobe and Microsoft both on Tuesday released patches to plug critical security vulnerabilities in their products. Microsoft’s patch bundles fix close to 80 separate security problems in various versions of its Windows operating system and related software, including two vulnerabilities that already are being exploited in active attacks. Adobe’s new version of its Flash Player software fixes two flaws that malware or attackers could use to seize remote control over vulnerable computers with no help from users.

New Critical Fixes for Flash, MS Windows

Both Adobe and Microsoft on Tuesday issued patches to plug critical security holes in their products. Adobe’s Flash Player patch addresses 17 security flaws, including one “zero-day” bug that is already actively being exploited by attackers. Microsoft’s bundle of updates tackles at least 42 security weaknesses in Windows and associated software.

Patch Tuesday, 2016 U.S. Election Edition

Let’s get this out of the way up front: Having “2016 election” in the headline above is probably the only reason anyone might read this story today. It remains unclear whether Republicans and Democrats can patch things up after a bruising and divisive election, but thanks to a special Election Day Patch Tuesday hundreds of millions of Adobe and Microsoft users have some more immediate patching to do.

Microsoft: No More Pick-and-Choose Patching

Adobe and Microsoft today each issued updates to fix critical security flaws in their products. Adobe’s got fixes for Acrobat and Flash Player ready. Microsoft’s patch bundle for October includes fixes for at least five separate “zero-day” vulnerabilities — dangerous flaws that attackers were already exploiting prior to today’s patch release. Also notable this month is that Microsoft is changing how it deploys security updates, removing the ability for Windows users to pick and choose which individual patches to install.

Adobe, Microsoft Push Critical Updates

Microsoft today pushed out 13 security updates to fix at least 39 separate vulnerabilities in its various Windows operating systems and software. Five of the updates fix flaws that allow hackers or malware to break into vulnerable systems without any help from the user, save for perhaps visiting a hacked Web site.

Adobe, MS Push Patches, Oracle Drops Drama

Adobe today pushed another update to seal nearly three dozen security holes in its Flash Player software. Microsoft also released 14 patch bundles, including a large number of fixes for computers running its new Windows 10 operating system. Not to be left out of Patch Tuesday, Oracle’s chief security officer lobbed something of a conversational hand grenade into the security research community, which responded in kind and prompted Oracle to back down.

Adobe To Fix Another Hacking Team Zero-Day

For the second time in a week, Adobe Systems Inc. says it plans fix a zero-day vulnerability in its Flash Player software that came to light after hackers broke into and posted online hundreds of gigabytes of data from Hacking Team, a controversial Italian company that’s long been accused of helping repressive regimes spy on dissident groups.

A Month Without Adobe Flash Player

I’ve spent the better part of the last month running a little experiment to see how much I would miss Adobe’s buggy and insecure Flash Player software if I removed it from my systems altogether. Turns out, not so much.

%d bloggers like this: