Yesterday, Adobe announced a new version of Flash that includes fixes for several security holes in earlier versions. Anyone who uses Flash to view web-based video, which includes anyone who uses YouTube, should install the latest version of Flash as soon as possible.
The latest version of Flash for Windows is 11.5.502.110. Adobe also made available updates for older versions of Flash that address the same security vulnerabilities, but we recommend updating to the latest version.
These updates resolve buffer overflow vulnerabilities that could lead to code execution, memory corruption vulnerabilities that could lead to code execution, and a security bypass vulnerability that could lead to code execution.
Another new version of Google’s web browser was announced today. Version 23.0.1271.64 contains some new features, as well as several bug and security fixes. A new version of Adobe Flash for Chrome, containing several security fixes, is also included.
With the pile of post-SP1 updates for Windows 7 growing and no end in sight (at least until 2020), Microsoft has decided to forsake IT workers by cancelling plans for SP2. This means that installing Windows 7 is going to become increasingly tedious: install Windows 7, install SP1, then install 100+ (and growing) patches.
Is this yet another attempt by Microsoft to get IT administrators to throw in the towel and upgrade to Windows 8? Maybe. Luckily, IT workers have plenty of tools available to create new, slipstreamed installation media for Windows 7. That means one unattended install for Windows 7, SP1 and all the updates available at the time the media was created. Microsoft stopped officially supporting slipstreaming in Vista and Windows 7, so the process is a bit more difficult, but it’s both possible and worth the effort.
You can download the Java Runtime Environment (JRE) or Java Developer Kit (JDK) appropriate for your computing environment from the Java downloads page.
Java browser plugins that are not updated as part of a JRE update will require separate updates, in some cases from the web browser developer (Chrome, Internet Explorer).
Google encourages security researchers to discover security vulnerabilities in its web browser, Chrome. The recently-concluded Pwnium 2 contest revealed one new vulnerability. A $60,000 prize was awarded to its discoverer, and within hours, a new version of Chrome (22.0.1229.94) that addresses the vulnerability was released.
Despite the fact that Windows 8 has not yet started appearing on store shelves, Microsoft is releasing a set of updates for the new operating system. Since Windows 8’s RTM (release to manufacturing), several new issues have been discovered, and the updates are intended to address those issues.
Anyone testing or evaluating Windows 8 should install the updates, which are available through Microsoft Update.
Anyone buying a new computer with Windows 8 installed on it should check for and install any pending updates immediately after powering up the computer for the first time. Anyone installing Windows 8 after it is released to retail should also immediately check for and install any pending updates.
boot13