patches

Adobe will release a fix for a new critical bug in Flash Player on Friday for Windows, Macintosh, Linux and Solaris, while Google Chrome users will be protected by Thursday through the browser's auto-update feature, Adobe said today.

"As part of our collaboration with Google, Google receives updated builds of Flash Player for integration and testing. Once testing is completed for Google Chrome, the release is pushed via the Chrome auto-update mechanism," Adobe said in a statement.

"Adobe is testing the fix across all supported configurations of Windows, Macintosh, Linux, Solaris and Android (more than 60 … Read more

Microsoft today urged customers to apply fixes for holes in Internet Explorer, including one being exploited in attacks, and for vulnerabilities in Windows Server Message Block (SMB) client and server software as part of a whopping Patch Tuesday.

The company released 17 bulletins resolving 64 vulnerabilities, nine of them rated "critical" and eight rated "important." However, 30 of the vulnerabilities are addressed by one bulletin, a kernel update that is rated "important," that was discovered by one researcher.

First priority is MS11-018, a cumulative security update for IE that is rated critical for IE6, … Read more

Microsoft will release 17 bulletins next week to fix 64 vulnerabilities across a swath of products including Windows, Office, and Internet Explorer, the company said in its Patch Tuesday preview.

Of the bulletins, nine are rated "critical" and eight are "important," the company said in a TechNet blog post today.

In addition to all versions of Windows; IE6, IE7, and IE8; numerous versions of Office for Windows and the Mac, affected software includes Visual Studio .NET and Visual C++, according to the advisory.

"This month we'll be closing some issues that Microsoft has already … Read more

Yesterday Apple issued a supplemental update for OS X 10.6.7 that addresses a few hangs that owners of the 13-inch MacBook Air (late 2010 model) were experiencing after applying the initial OS X 10.6.7 release. The hangs happened when users would play and manage music in their iTunes libraries, and was caused by an error with how protected audio files were being handled.

The update is a small 461KB patch that addresses compatibility issues with the AppleUpstreamUserClient and AudioAUUC system components, which are extensions that help manage protected audio content. It should be available via Software … Read more

Microsoft today released three bulletins fixing four vulnerabilities in Windows and Microsoft Office, including one that is rated "critical" for Windows XP, Vista, and Windows 7.

The bulletin MS11-015 resolves one critical vulnerability in DirectShow and one in Windows Media Player and Media Center, according to the security advisory. The more severe of the flaws could allow remote code execution, and thus complete control of a computer, if a malicious Digital Video Recording file were opened. The one vulnerability rated "important" affects certain media files in all versions of Microsoft Windows, the company said in a … Read more

Contrary to last month when Microsoft plugged 22 holes on Patch Tuesday, only four holes will be fixed in the company's monthly security update roundup next week.

There will be three bulletins, one of them rated "critical" for Microsoft Windows and the other two rated "important" and affecting Windows and Office, according to the preview advisory released today.

While they are few in number, they are not to be ignored. They all involve remote code execution, which means an attacker could force code to run on a target's machine and could lead to a … Read more

Microsoft today issued three "critical" security bulletins as part of its monthly Patch Tuesday program. Together with nine other alerts, which the company rated as "important," the bulletins address 22 vulnerabilities spanning Microsoft products from Windows and Internet Explorer to Office and Internet Information Services.

On the top of the list is MS11-003, which is a cumulative update for Internet Explorer that resolves four vulnerabilities. Included is a fix for the nasty CSS bug outlined in Security Advisory 2488013, a bug that could give attackers control of people's computers.

In a podcast about the patches, … Read more

Microsoft today said it will address 22 vulnerabilities as part of next week's Patch Tuesday, three of which are critical.

Three of the 12 bulletin items released by Microsoft earlier today are classified as critical, and affect Microsoft's Windows operating system, with one affecting Microsoft's Internet Explorer browser as well. The rest are classified as "important."

In a post on Microsoft's Security Response Center blog, the company said it will be making fixes for vulnerabilities in the Windows Graphics Rendering Engine, as well as CSS exploit in Internet Explorer that could allow an attacker … Read more

Microsoft today issued two bulletins fixing three holes in Windows, including one rated critical for Windows XP, Vista, and Windows 7 as part of Patch Tuesday.

"We are not aware of proof-of-concept code or of any active attacks seeking to exploit the vulnerabilities addressed in this month's release," the company wrote in a Microsoft Security Response Center blog post.

The critical vulnerability is addressed in Bulletin MS11-002. The bulletin fixes the critical hole and an "important" vulnerability, both in Microsoft Data Access Components, that could allow an attacker to take over the computer if a … Read more