Are You Lost in the IT Wild?
If you aren’t patching your third-party vulnerabilities, your business, your assets, your sales, are just that…. vulnerable. Adobe’s Flash has had a tough month.In October we’ve seen two different critical patches released to shore up security holes where attackers can take control of your devices.“We are aware of a report that an exploit for CVE-2016-7855 exists in the wild, and is being used in limited, targeted attacks against users running Windows versions 7, 8.1 and 10.”
These zero-day critical flaws aren’t patched by Windows, you have to know about them, find them, download the content, and then install them.
Third-Party Updates
10/26/2016 – Updated debugger and standalone versions of Flash Player. These versions contain fixes for critical vulnerabilities identified in Security Bulletin APSB 16-36. The latest versions are 23.0.0.205 (Win & Mac) and 11.2.202.643 (Linux). All users are encouraged to update to these latest versions.
10/3/2016 – Earlier this this Adobe have released a Security Bulletin APSB16-25 to resolve issues with Flash Player on both Windows, OS X and Linux which allows attackers to execute arbitrary code via unspecified vectors.
Exploited – Critical Patch Releases |
Patch |
Details |
Product: Flash Player
FlashPlayer_Plugin_PPAPI_v23.0.0.205
FlashPlayer_ActiveX_v23.0.0.205
FlashPlayer_Plugin_NPAPI_v23.0.0.205 |
- These updates resolve memory corruption vulnerabilities that could lead to code execution
- These updates resolve a memory leak vulnerability
- These updates resolve type confusion vulnerabilities that could lead to viral code execution
- These updates resolve use-after-free vulnerabilities that could lead to code execution
- These updates resolve a security bypass vulnerability that could lead to information disclosure
|
Don’t miss the latest upgrades
Every month we see a bevy of new third party updates, and are always enhancing our library of supported vendors. Special requests and additions are welcomed. This month’s releases include:
Patches with Content Updates, Bug fixes and Feature enhancements |
Product |
Category |
Patch |
Chrome |
Web Browser |
Chrome_v53.0.2785.143 |
Skype |
Online calls |
Skype_v7.28.101
Skype_v7.29.0.102 |
iTunes |
Music Player |
|
Shockwave |
Media Player |
Shockwaveplayer_v12.2.5.195 |
Firefox |
Web Browser |
Web browser: Firefox_v49.0.2 |
Notepad++ |
Source code editor |
Notepadpp_v7.1 |
CitrixReceiver |
File access |
CitrixReceiver_v4.5.0.14155 |
WinSCP |
File browser |
WinSCP_v5.9.2 |
Wireshark |
Network protocol analyzer |
Wireshark_v2.2.1 |
Foobar |
Audio player |
Foobar2000_1.3.12 |
Evernote |
Multi device Note pad |
Evernote_v6.3.3.3502 |
Glary Utilities |
PC cleanup |
Glary_v5.60
Glary_v5.61 |
MediaMonkey |
Media Manager |
MediaMonkey_v4.1.14.1813 |
Adobe Air |
|
AdobeAIR_v23.0.0.257 |
AIMP |
Audio Player |
AIMP_v4.11.1841
AIMP_v4.11.1839 |
Filezilla |
FTP Client |
FileZilla_v3.22.1 |
Specific details available on 3rd Party Patch releases |
Patch |
Details |
Product: Adobe Air
AdobeAIR_v23.0.0.257 |
- Adobe has released a security update for Adobe AIR SDK and Compiler. This update adds support for secure transmission of runtime analytics for AIR applications on Android. Developers are encouraged to recompile captive runtime bundles after applying this update.
|
Product: AIMP Player
AIMP_v4.11.1841
AIMP_v4.11.1839 |
- Fixed: Playlist – the “add entire folder if one file is sent” option does not work correctly in some cases (regression)
- Fixed: Playlist – no ability to select few collapsed groups via keyboard
- Fixed: music library – table – album thumbnails view – playback that invoked via mouse double click always started from the first track in group
- Fixed: Music Library – small bugs were fixed
- Fixed: Plugins – API – an error occurs when calculating the hash code for certain images (regression)
|
Product: Filezilla FTP Client
FileZilla_v3.22.1 |
- Bugfixes and minor changes:
- OS X: Work around a nasty bug in XCode where programs explicitly compiled for older versions of OS X were silently pulling in features exclusive to the new version, resulting in crashes at runtime
- Fixed a potential crash when using SFTP
|
Firefox_v49.0.2 |
|
iTunes_v12.5.1 |
- Apple has released iTunes v12.5.1 for OS X and Windows and the update has brought an all-new Apple Music design which brings greater clarity and simplicity to every aspect of the experience.
|
Notepadpp_v7.1 |
- Fix x64 crash on macro recording
- Fix x64 crash on new language dialog of UDL
- Check plugin architecture (32-bit or 64-bit) before loading
- Enhance Smart Highlighting feature: 1. match case 2. whole word only 3. use find dialog settings for both
- Fix poor performance of hex XML entities
- Reshow CallTip text on separator character
- Skip Auto-Complete self-closing HTML tags (<br>, <base>, <track>… etc)
- Fix 2 UI issues for RTL layout
- Fix Folder as Workspace toolbar button inconsistent behavior
- Add option to skip word completion on numbers (default: ON)
- Fix bookmarks toggled off’s bug
- Sort plugin menu by plugin name
- Installer: Add 64-bit/32-bit old install detection, and old installation removal ability
- Installer: Ask user for keeping user data during uninstallation
- Installer: Fix uninstaller bug to not remove themes files from APPDATA
|
Opera_v40.0.2308.81 |
- Fixes for Opera Stable running on Sierra. We have also fixed the backspace which stubbornly navigated back in history even when the address field was focused. And, now it is again possible to seamlessly import Firefox bookmarks
|
RevoUnistallerFree_v2.0.1
RevoUnistallerPro_v3.1.7 |
- Fixed Minor bugs
- Improved scanning for leftovers
|
Thunderbird_v45.4.0 |
- Display name was truncated if no separating space before email address.
- Recipient addresses were shown in red despite being inserted from the address book in some circumstances.
- Additional spaces were inserted when drafts were edited.
- Mail saved as template copied In-Reply-To and References from original email.
- Threading broken when editing message draft, due to loss of Message-ID
- “Apply columns to…” did not honor special folders
|
WinSCP_v5.9.2 |
- Translations completed: Brazilian Portuguese, Finnish, Kabyle and Ukrainian
- Lots of usability improvements and bug fixes
|