12 November – Every freakin’ month (2nd Tuesday) there is a new set of Microsoft vulnerabilities, so much so that we have ignored reporting them.
But this month there is yet another set of Critical vulnerabilities that is being exploited in the field – read about it here at Krebs:
Zero-Days Rule November’s Patch Tuesday — Krebs on Security. This explains new Flash updates. [Your editor has eliminated Flash from his system…not worth the bother.]
But note: This does not cure the zero-day exploit that is capable of ruining your whole week~!~!~!
11 June – Another round for Adobe and Microsoft, explained by Krebs:
14 May – Microsoft and Adobe today each released updates to fix critical security holes in their software. Microsoft’s patch batch tackles at least 33 vulnerabilities in Windows and other products, including a fix for a zero-day vulnerability in Internet Explorer 8 that attackers have been exploiting. Separately, Adobe pushed security updates for Flash Player, Adobe Reader, Acrobat and Adobe AIR.
So says Krebs On Security today. Get all the info: Microsoft, Adobe Push Critical Security Updates
6 May – Zero Day Exploit is not only in the open for IE8, but it is published for all hackers to study from.
If you must use a Windows computer, please change over to Firefox immediately (if you haven’t already.) Then read this:
12 Feb – The normal tuesday repairs to the normallly insecure programs –
These stories never end…not even interesting reading anymore. Just do the upgrades.
Updates are available for Windows, Mac, Linux and Android users. The latest Windows and Mac version is v. 11.5.502.149, and is available from this link. Those who prefer a direct link to the OS-specific downloads can grab them here. To find out if you have Flash installed and what version your browser may be running, check out this page.
16 Jan – Days after the critical Java fix, Kreb’s On Security announces that a new exploit not patch in the version 11 release is being sold on the black-hat black market. First, learn how-to and do turn-off Java until this is patch AND even then, only if you need it.
How to Unplug Java from the Browser — Krebs on Security
Second, read more about the sordid details here: New Java Exploit Fetches $5,000 Per Buyer — Krebs on Security
Third: Point others to this site to learn “What Is Java” and how to use it if you absolutely must: What You Need to Know About the Java Exploit — Krebs on Security
13 Jan – Now it is Java wih the critical warnings…Read Kreb’s for the data, but one thing I noticed is that his link for the mac update was wrong and the auto-update that the Mac Java program points to gives an error. So here is the correct link for all OSs: Download Free Java Software, which should point to the right place. Here is where I got a successful Java for Mac download:
Oracle Ships Critical Security Update for Java — Krebs on Security Download Java for Mac OS X
Oracle Ships Critical Security Update for Java — Krebs on Security
8 January – Like the Australians needing new colors on their temperature maps as Ultra Hot turns to Double Extra Super Hot, Microsoft and Adobe are going to need new degrees above Critical and above Vulnerable. In this case, Microsoft should say, “Ultra Vulnerable Even After the Update”, As Krebs on Security explains: “… these vulnerabilities could be exploited to fully compromise vulnerable Windows systems without any help from users. …”
Read the entire piece since it has all the links for the Adobe Reader Flash Player plugin…and AIR and Acrobat…for both Windows and Mac OS.
Don’t delay…here is the link again: Adobe, Microsoft Ship Critical Security Updates — Krebs on Security