It’s update time once again, and along with the updates from Microsoft and Adobe, I’m going to annoy you with yet another reminder that Only You Can Prevent Internet Worms. That sounds kind of gross, actually.
Analysis of the Security Update Guide spreadsheet, so thoughtfully provided by Microsoft each month, shows that this month there are thirty-three updates, addressing eighty-eight security vulnerabilities in Windows (7, 8.1, 10, and Server); Flash in Internet Explorer and Edge; Internet Explorer 9 through 11; Edge; and Office 2010, 2016, and 2019. At least twenty-one of the vulnerabilities are categorized as Critical.
If you missed last month’s update festivities, you may not be aware that there’s a very dangerous vulnerability (CVE-2019-0708) in Microsoft’s Remote Desktop feature in Windows XP, Windows 7, and Server 2008. Updates for Windows 7 and Windows Server 2008 computers are available in the usual way, via Windows Update. An update for Windows XP is also available, but you’ll have to download and install it manually, from the Microsoft Update Catalog.
I’m pestering you about this because the last time a vulnerability like this appeared, we got the global WannaCry worm mess. Patch those systems and prevent a similar worm from giving the world another major headache. Here’s Microsoft on the subject, as well as Ars Technica.
As usual, Adobe has released software updates to coincide with Microsoft’s Patch Tuesday, which makes things nice and tidy with Flash being integrated into IE and Edge. Flash 126.96.36.199 fixes a single security vulnerability.
There are a few ways to update Flash on Windows, but starting with the Flash Player Control Panel works for me. On the Flash CP’s Updates tab, you’ll find a Check Now button, which will take you to the Get Adobe Flash page. That will tell you which version you’re running. If you need an update, click the Player Download Center link on that page.