Category Archives: Flash

Adobe, Flash, Internet Explorer, Microsoft, Patches and updates, Security, Windows 7, Windows 8.x

Flash Player fix for Internet Explorer 10

January 3, 2013 jrivett Leave a comment

The Flash vulnerability reported on December 11 has finally been fixed in Internet Explorer 10.

Microsoft chose not to use the regular Flash plugin in Internet Explorer 10, deciding instead to integrate the player into the IE10 code. As a result, any time the Flash player is updated, Microsoft must make corresponding changes to IE10. Hence the delay in producing the patch for IE10. Google now does the same thing with their Chrome browser, but they tend to make the required changes much more quickly.

Adobe, Flash, Patches and updates, Security

More updates for Flash Player

December 11, 2012 jrivett 1 Comment

Adobe has released new versions of Flash for all platforms. Windows users are encouraged to update Flash to the new version: 11.5.502.135.

Internet Explorer 10 and Google Chrome users will get the equivalent patch in the form of updates from Microsoft and Google, respectively.

The new versions fix a serious security issue in Flash.

Firefox, Flash, Patches and updates

Firefox 17 released

November 20, 2012 jrivett Leave a comment

The latest version of Firefox includes some security improvements designed to help prevent malware infection via out of date versions of Adobe Reader, Adobe Flash and Microsoft Silverlight. Specifically, when Firefox tries to display content using those older plugins, it will prompt the user for confirmation.

Version 17 also includes the usual assortment of security, performance and other bug fixes.

Adobe, Flash, Patches and updates, Security

Adobe Flash security updates

November 7, 2012 jrivett Leave a comment

Yesterday, Adobe announced a new version of Flash that includes fixes for several security holes in earlier versions. Anyone who uses Flash to view web-based video, which includes anyone who uses YouTube, should install the latest version of Flash as soon as possible.

The latest version of Flash for Windows is 11.5.502.110. Adobe also made available updates for older versions of Flash that address the same security vulnerabilities, but we recommend updating to the latest version.

A new version of Google Chrome, also announced yesterday, includes these security fixes. A similar patch for Internet Explorer 10 in Windows 8 was made available by Microsoft.

These updates resolve buffer overflow vulnerabilities that could lead to code execution, memory corruption vulnerabilities that could lead to code execution, and a security bypass vulnerability that could lead to code execution.

Chrome, Flash, Google, Patches and updates

Chrome 23 released

November 6, 2012 jrivett 1 Comment

Another new version of Google’s web browser was announced today. Version 23.0.1271.64 contains some new features, as well as several bug and security fixes. A new version of Adobe Flash for Chrome, containing several security fixes, is also included.

Adobe, Flash, Internet Explorer, Microsoft, Patches and updates, Security, Windows 8.x

Microsoft releases new Flash update for Internet Explorer 10

October 25, 2012 jrivett Leave a comment

Those of you running Windows 8 already should head over to Microsoft Update and install a new out-of-cycle patch for Adobe Flash in Internet Explorer 10.

Adobe, Flash, Patches and updates, Security

More security fixes for Adobe Flash

October 9, 2012 jrivett Leave a comment

Released yesterday, version 11.4.402.287 addresses security, performance and stability issues in the previous versions of Flash. Users are encouraged to install the new Flash as soon as possible.

Note that at the time of this post, the Flash Player Update Announcement on Adobe’s site shows the wrong version in the first paragraph. It should show the new version as 11.4.402.287 but instead shows it as 11.4.402.278.

Updates for Internet Explorer 10 and Google Chrome, containing associated fixes for Adobe Flash, were also released yesterday.

Chrome, Flash, Google, Patches and updates

Google Chrome Version 22.0.1229.92 released

October 9, 2012 jrivett 1 Comment

There’s another new version of Google’s Chrome web browser. Version 22.0.1229.92 addresses several security holes and includes a new version of Flash. The full details are available in the update announcement.

Adobe, Flash, Patches and updates

New version of Flash

September 21, 2012 jrivett Leave a comment

Version 11.4.402.278 of Flash for Internet Explorer and other major Windows web browsers was released on September 18 with little or no fanfare. No release notes are yet available, so it’s unclear what changes were made in the new version. Additional information will be posted here as it becomes available.

About Flash Player.

Adobe, Flash, Internet Explorer, Microsoft, Patches and updates, Security, Windows 8.x

Windows 8 Internet Explorer shipping with vulnerable Flash

September 7, 2012 jrivett Leave a comment

Update 2012Sep22: A Security Advisory published yesterday by Microsoft announced the availability of a patch for Flash in Internet Explorer 10. A related post on the Microsoft Security Response Center blog explains how security updates for Flash in Internet Explorer will be handled in the future. Anyone using Internet Explorer 10 or Windows 8 should install the Flash update as soon as possible.

Update 2012Sep11: Given the negative reaction to Microsoft’s previous announcement that recent Flash vulnerabilities would not be fixed in Internet Explorer 10 until after Windows 8 is released, today’s announcement is perhaps not much of a surprise. Microsoft is now saying that the Flash holes in IE10 will be plugged much sooner than originally announced. However, there will still be an easily-exploited delay between the launch of Windows 8 and the point at which all Windows 8 systems are patched.

Recently, Google switched to an integrated version of Flash in the Chrome web browser. They did this to simplify the update process: Chrome users no longer have to worry about keeping their browser’s Flash plugin up to date.

Microsoft has apparently done something similar with Internet Explorer 10, which is included with Windows 8. Unfortunately, the recent Flash vulnerabilities were not addressed in Internet Explorer 10 when Windows 8 was finalized recently. Which means Windows 8 has at least two very serious security holes in its integrated web browser, out of the box.

Microsoft says that the Flash vulnerabilities in Windows 8’s IE10 will be fixed during the regular patch cycle, but it’s not known exactly when the updates will appear.

Nefarious hackers are no doubt preparing for a surge of new Windows 8 systems to appear on the Internet, all with these rather large holes, ready to exploit.

If you are using Windows 8 or plan to start using it soon, your options are:

Stop using Internet Explorer. This isn’t really a viable option, since the browser is integrated into the O/S.
Disable Flash in Internet Explorer 10, assuming this is even possible.
Avoid all Flash content while using Internet Explorer 10. This is increasingly difficult to accomplish, given the prevalence of Flash content on the web.

boot13

Category Archives: Flash

Flash Player fix for Internet Explorer 10

More updates for Flash Player

Firefox 17 released

Adobe Flash security updates

Chrome 23 released

Microsoft releases new Flash update for Internet Explorer 10

More security fixes for Adobe Flash

Google Chrome Version 22.0.1229.92 released

New version of Flash

Windows 8 Internet Explorer shipping with vulnerable Flash

Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.