Category Archives: Patches and updates

Flash version 12 released

Yesterday, Adobe announced new 12-series versions of the Flash player for various environments and browsers:

  • Internet Explorer 10 on Windows 8 (via Windows Update): 12.0.0.38
  • Internet Explorer 11 on Windows 8.1: 12.0.0.38
  • Other versions of Internet Explorer: 12.0.0.38
  • Google Chrome (self-updating): 12.0.0.41
  • All other browsers on Windows: 12.0.0.43

You can get the new version from the main Flash download site.

Flash 12 includes some new features and enhancements, as well as fixes for several security vulnerabilities.

Patch Tuesday for January 2014

It’s a light month for Microsoft patches, with only four bulletins, none of which are flagged as Critical. The updates fix vulnerabilities in Office, Windows, and Server software.

Patches for the Windows XP NDProxy vulnerability and Office on Vista are among those made available today.

A post on the ISC Diary blog over at SANS has a useful overview of the vulnerabilities associated with this month’s patches.

As usual, the MSRC blog has its own spin on this month’s patches.

Oracle announces upcoming patches for Java

Oracle will issue another massive batch of updates for its products in its next Critical Patch Update, on January 14. From the pre-release announcement:

This Critical Patch Update contains 36 new security fixes for Oracle Java SE. 34 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.

Is your Windows XP computer booting slowly?

Windows XP computers with autoupdate enabled are taking longer and longer to boot. Microsoft has discovered a flaw in Windows Update that is slowing down the update process. As the list of available patches for Windows XP has grown over the years, the delays have increased exponentially. Microsoft tried to fix this flaw with recent updates to little effect. Ars Technica has more.

WordPress 3.8 released

The latest version of WordPress includes a style and responsiveness overhaul of the dashboard, sharp new vector-based icons, better support for mobile platforms, improved responsiveness features, better theme and widget management, better RTL (Right To Left) suport, some bug fixes, and a new theme, TwentyFourteen. An entry in the WordPress Codex lists all the changes in the new version.

Firefox 26 released with no announcement

Tuesday saw another stealth release of Firefox: version 26. As usual, the new version was not announced by Mozilla; I learned about it from a post on the CERT Current Activity blog. The official release notes for version 26 describe some of the changes in this version: nothing worthy of note. Version 26 does include fixes for some security issues, so you should upgrade as soon as possible.

Update 2013Dec16: One notable change in Firefox 26 is that Java is now blocked on all sites by default. This behaviour can be changed, but we recommend using the default setting.