Category Archives: Flash.
, , ,.
fixes a single security vulnerability in earlier versions.
The easiest way to determine whether you’re running Flash is to visit the on the Adobe web site.
Click the Check Now button to see the version your browser is running.
Further down the page, there’s a small Flash demo that you can use to verify that Flash is installed and running in your browser.
Your browser may also block Flash or prompt you to allow Flash to run
Also on that page there’s a link to.
At that point we’ll be recommending that everyone completely disable and/or remove Flash from all their computers, unless there’s some specific reason it’s still needed.
And the world will be a much better place.
, , , , , , ,.
Analysis of Microsoft’s for February 2020 reveals that there are thirty-eight updates, addressing one hundred and one security issues in Internet Explorer, Edge (both the old and new versions).
Flash embedded in Internet Explorer
Office, and Windows.
Thirteeen of the updates have been flagged as Critical.
The latest version of Flash, 126.96.36.1990, in earlier versions.
Update Flash on pre-Windows 10 computers by heading to the Windows Control Panel and running the Flash applet.
On the Updates tab, check the version and click the Check Now button.
Click the link to the.
Make sure to disable any checkboxes for installing additional software, then click the big Install Now button.
Follow the prompts.
You may have to restart your web browser for the update to finish.
Adobe Reader 2020.006.20034, also released this Patch Tuesday, includes in earlier versions.
, , , , , , , Patch Tuesday for September 2019.
September 10, 2019 Leave a comment It’s another Patch Tuesday, and this month we have the usual pile from Microsoft, along with a new version of Flash.
Analysis of the summary spreadsheet — helpfully provided by Microsoft on the site — shows that there are forty-nine updates, addressing eighty vulnerabilities in Windows, Internet Explorer,.
NET, Edge and Office.
Seventeen of the vulnerabilities are critical.
Those of you running Windows 10 will get these updates automatically, unless you’ve explicitly configured Windows to delay updates.
Everyone else should navigate to Windows Update in the Windows Control Panel or Windows Settings.
The new version of Flash is 188.8.131.52.
It addresses two critical security bugs in earlier versions, both of which were discovered and reported by independent security researchers.
Anyone who still uses Flash, especially if it’s enabled in any web browser, should update Flash as soon as possible.
Go to the Flash applet in the Windows Control Panel to check your version and install the new version.
, , , , ,.
The latest Firefox includes fixes for at least , and improves overall privacy and security by enabling by default.
New in is a feature that allows you to block any video you encounter, not just those with autoplayed audio:.
, , , , , , , Patch Tuesday for June 2019.
June 11, 2019 Leave a comment It’s update time once again, and along with the updates from Microsoft and Adobe, I’m going to annoy you with yet another reminder that Only You Can Prevent Internet Worms.
That sounds kind of gross, actually.
Analysis of the spreadsheet, so thoughtfully provided by Microsoft each month, shows that this month there are thirty-three updates, addressing eighty-eight security vulnerabilities in Windows (7, 8.1, 10, and Server); Flash in Internet Explorer and Edge; Internet Explorer 9 through 11; Edge; and Office 2010, 2016, and 2019.
At least twenty-one of the vulnerabilities are categorized as Critical.
If you missed last month’s update festivities, you may not be aware that there’s a very dangerous vulnerability (CVE-2019-0708) in Microsoft’s Remote Desktop feature in Windows XP, Windows 7, and Server 2008.
Updates for Windows 7 and Windows Server 2008 computers are available in the usual way, via Windows Update.
An update for Windows XP is also available, but you’ll have to download and install it manually, from the Microsoft Update Catalog.
I’m pestering you about this because the last time a vulnerability like this appeared, we got the global WannaCry worm mess.
Patch those systems and prevent a similar worm from giving the world another major headache.
Here’s Microsoft on the subject, as well as Ars Technica.
As usual, Adobe has released software updates to coincide with Microsoft’s Patch Tuesday, .
Which makes things nice and tidy with Flash being integrated into IE and Edge
Flash 184.108.40.206 fixes a single security vulnerability.
There are a few ways to update Flash on Windows, .
But starting with the Flash Player Control Panel works for me
On the Flash CP’s Updates tab, you’ll find a Check Now button, .
Which will take you to the Get Adobe Flash page
That will tell you which version you’re running.
If you need an update, click the link on that page.
, , , , , , , Patch Tuesday for May 2019.
May 14, 2019 Leave a comment From Microsoft this month, we get forty-six updates, addressing seventy-nine distinct vulnerabilities in the usual gang of idiots, namely Windows, Office, Internet Explorer, Edge,.
NET, Flash in Internet Explorer, and Visual Studio.
Nineteen of the updates have been flagged with Critical severity.
Head over to Microsoft’s for more details.
Those of you running Windows 10 may actually be satisfied with its automatic updates, despite the problems.
Either that or you’ve given up fighting Microsoft.
And of course there are plenty of folks running Windows 7 and 8 with automatic updates enabled, in response to which I can only tip my hat and tell you that you’re braver than I.
The rest of us will (or should) be making the trudge over to Windows Update today.
Microsoft dons a white hat.
One of the updates made available by Microsoft today fixes a serious vulnerability (CVE-2019-0708) in older versions of Windows, including Windows 7, XP, and Server 2008.
Despite the fact that official support for these versions has ended, Microsoft decided to make the world a slightly better place, taking the time to develop, test, and publish these updates.
Which is good, because the hole being fixed is a bad one, in that it could provide a handy new conduit for malicious software worms to propagate… just like WannaCry did in 2017.
So, two things: first of all, thanks Microsoft.
Second, if you run Windows 7 or Windows Server 2008 computers, please check Windows Update and install the May 2019 monthly security rollup as described on this Microsoft page.
For any computers running Windows XP, you’ll have to download the appropriate update from the Microsoft Update Catalog, as decribed on this Microsoft page.
More about Microsoft’s unusual move.
Microsoft: Prevent a worm by updating Remote Desktop Services (CVE-2019-0708).
Customer guidance for CVE-2019-0708 | Remote Desktop Services Remote Code Execution Vulnerability: May 14, 2019.
Brian Krebs: Microsoft Patches ‘Wormable’ Flaw in Windows XP
7 and Windows 2003.
Ars Technica: Microsoft warns wormable Windows bug could lead to another WannaCry.
SANS: Microsoft May 2019 Patch Tuesday.
Adobe’s contribution this month consists of new versions of Flash and Acrobat Reader
Flash 220.127.116.11 addresses a single security vulnerability, while Acrobat Reader DC 2019.012.20034 addresses a whopping eighty-four vulnerabilities in earlier versions.
Reader will generally update itself, but you can make sure by navigating its menu to Help > Check for Updates.
The easiest way to update Flash is to look for it in the Windows Control Panel
Go to the Updates tab of the Flash control panel widget and click Check Now
This will take you indirectly to the download page for Flash.
Make sure you opt out of any additional software offered for install on that page.
, , , , , , , Shockwave, Patch Tuesday for March 2019.
April 9, 2019 Leave a comment You know, it’s theoretically possible that we could get a Patch Tuesday with no updates to install.
We’ve had months like that for Adobe products.
Not for Microsoft, though, at least not in my memory.
Anyway… this month from Microsoft we have thirty-four updates, addressing seventy-five security vulnerabilities in Internet Explorer, Edge, Flash in Microsoft browsers, Office, and Windows.
At least that’s what my analysis shows.
The source of this information, Microsoft’s , is a complex beast.
Reminder: these updates are only for versions that are still supported.
Windows XP is no longer supported, and Windows 7 won’t be for much longer.
Versions of Office older than 2010 are no longer supported, and Office 2010 support will end later in 2019.
It was a busy month for Adobe, with updates to Flash, Reader, and Shockwave.
Flash 18.104.22.168 includes fixes for two vulnerabilities in earlier versions.
Acrobat Reader DC, the variant of Adobe’s Acrobat/Reader product line you probably use, is up to version 2019.010.20099.
The new version addresses twenty-one vulnerabilities in earlier versions.
Shockwave Player 22.214.171.124 addresses seven security bugs in earlier versions.
You’re slightly less likely to have this software installed on your computer, but it’s worth checking if you’re not sure.
There are links to download the new versions on all the release announcement pages linked to above.
, , , , , , , Patch Tuesday for February 2019.
February 12, 2019 Leave a comment Analysis of Microsoft’s for February 2019 reveals that there are sixty-one distinct updates and corresponding articles in Microsoft’s support knowledge base.
At least seventy-seven vulnerabilities in Windows, Office,.
NET, Internet Explorer, Edge, and Visual Studio are addressed by the updates.
Twenty of the updates are flagged as Critical.
Included in the updates is a new version of Flash for Internet Explorer and Edge
As always, the easiest way to update Microsoft software is to use Windows Update, found in the Control Panel or System settings of your version of Windows.
Adobe once again adds to the patching load with new versions of Flash and Reader
Flash 126.96.36.199 addresses a single security vulnerability in earlier versions.
The easiest way to check your Flash version and grab an update is to visit the Flash Help page.
Adobe Reader DC 2019.010.20091 includes fixes for at least seventy security bugs in earlier versions.
Newer versions of Reader support auto-updates, but you can check for new versions by running Reader, and selecting Help > Check for Updates from its menu.
If there’s a new version available, you’ll be prompted to install it.
, , , , , , Patch Tuesday for December 2018.
December 11, 2018 Leave a comment It’s the second Tuesday of the month, so it’s once again time to play Patch Or Else, brought to you by Microsoft and Adobe.
It’s easy to get complacent about updating software: diligently installing updates as soon as they become available is an essential part of a good security strategy, and it means you’re less likely to fall afoul of malicious activity.
But it also means that after a while you can lose sight of the risk of not staying up to date, and gradually become lax about installing updates.
History is filled with stories of lost lessons; it’s apparently in our nature to forget what’s important when we aren’t reminded of the reasons for that importance.
Analysis of Microsoft’s for the December 2018 updates reveals that this month we have sixty-seven distinct updates, half of which are flagged as having Critical severity.
The updates address security issues in Adobe Flash (embedded in Internet Explorer and Edge), Internet Explorer, Edge,.
NET, Office, Visual Studio, and Windows.
Update Windows and your other Microsoft software via Windows Update.
In Windows 10, open the Start Menu and click on Settings > Update & Security settings > Windows Update.
In older versions of Windows, you can find Windows Update in the Control Panel.
Presumably as part of the ongoing push for transparency in response to Windows 10 update problems earlier this year, Microsoft Corporate VP Michael Fortin posted an article, coinciding with this month’s updates, that explains some of the planning that goes into the monthly updates.
Fortin points out that “During peak times, we update over 1,000 devices per second”.
Adobe’s contribution to the patch pile this month is a new version of Adobe Reader.
The new Reader includes fixes for at least eighty-seven vulnerabilities, many having Critical severity.
The release notes for Adobe Reader DC 2019.010.20064 provide additional details.
Update Reader by pointing your browser to the Acrobat Reader Download Center.
, , , Flash 188.8.131.52 fixes two security bugs.
December 8, 2018 Leave a comment Released on December 5th, the latest Flash addresses two security vulnerabilities in earlier versions.
The security bulletin for Flash 184.108.40.206 provides additional details.
If you’re still using Flash, you should install the new version as soon as possible.
If you use a web browser with a Flash plugin enabled, don’t wait: update now.
If you’re not sure whether your browser has Flash enabled, visit the with that browser.
The Help page will detect Flash in your browser
tell you which version is installed, and provide a download link for the latest version.
Web browsers that include their own embedded Flash will be updated via their usual channels: for Microsoft browsers, that means Windows Update.
Chrome usually updates itself automatically, but you can trigger an update by navigating its menu to Help > About Google Chrome.
2 19 Next →.
from · · · As predicted, Australia”s idiotic new tax on news aggregators that send traffic to news sites is going to make things much worse.
from · · · Ah, Nintendo.
Could we hate you any more than we do already.
I”m not sure, but your lawyers certainly want to find out.
from · · · The Devonian extinction event (50% of all genera died off) 359 million years ago may have been caused by a supernova 65 light years from Earth.
If that happened today it would really suck.
from · · · from · · · Ten years on, France”s ridiculous anti-piracy effort, Hadopi, has been nothing more than a misguided waste of public money.
from · · · Publishers: we love libraries.
Also publishers: we really really hate libraries, and people should pay to use them anyway.
from · · · Techdirt”s complete dismantling of the ridiculous ”Letter on Justice and Open Debate” published by Harper”s Magazine is required reading.
from · · · The new social media service Parler claimed it wouldn”t censor content, distinguishing it from Twitter.
from · · · Here”s what you need to know about Section 230 Of the USA”s Communications Decency Act.
You know, the one that”s being blamed for everything bad on the Internet.
from · · · Subscribe © 2020 Jeff Rivett Consulting.