Your daily technology class with Professor Randy!!

Randy The Tech Professor

June 29, 2016 at 11:29 am

Third Party Program Updates For The Month Of June 2016

adobe flashHello everyone,

This month there are 6 patch releases from Adobe and 1 for both Chrome and Firefox. A security advisory for Adobe Flash was released this month stating that there are active attacks exploiting CVE-2016-4171. Apply the patch for Adobe Flash as soon as possible since attackers are using spearphishing emails with malicious links to exploit this vulnerability. Chrome and Firefox both resolve numerous vulnerabilities in their newest release. Finish off this month of non-Microsoft patches by reviewing the remaining Adobe patches for Air, ColdFusion, DNG, Brackets, and Creative Cloud.

Randy The Tech Professor

June 2016: Third Party (Non-Microsoft) Patches

Identifier

Vendor/Product

Product Version Affected

Date Released by Vendor

Vulnerability Info.

Vendor
Severity/Recommendation

CVE-2016-4126

Adobe Air

21.0.0.215 and earlier

6/16/2016

Arbitrary Code Execution

Priority3/Update:admin’s discretion

Multiple CVE’s

Adobe Flash

Win/Mac 21.0.0.242 and earlier

ESR 18.0.0.352 and earlier

Linux

11.2.202.621 and earlier

6/16/2016

Arbitrary Code Execution

Priority1/Update as soon as possible

CVE-2016-4167

Adobe DNG

14 and earlier

6/14/2016

Arbitrary Code Execution, Denialof Service

Priority3/Update:admin’s discretion

Multiple CVE’s

Adobe Brackets

1.6 and earlier

6/14/2016

Cross-Site Scripting

Priority3/Update:admin’s discretion

Multiple CVE’s

Adobe Creative Cloud

3.6.0.248 and earlier

6/14/2016

Privilege Escalation

Priority3/Update:admin’s discretion

CVE-2016-4159

Adobe ColdFusion

10u19 and earlier

11u8 and earlier

2016u1

6/14/2016

Cross-Site Scripting

Priority2/Update within 30 days

Multiple CVE’s

Google Chrome

Before 51.0.2704.106

6/23/2016

Denial Service, Security Bypass, Information Disclosure, Spoofing

Update after testing

Multiple CVES’s

Mozilla Firefox

Before 47

6/7/2016

Arbitrary Code Execution, Denial Service, Cross-Site Scripting, Spoofing, Security Bypass

Update as soon as possible

Best wishes,
Randy Knowles

Tags: ,
comments Comments (0)    -
May 27, 2016 at 7:25 pm

Third Party Program Updates For The Month Of May 2016

Secunia

Hello everyone,

This month (May 2016), patches are available for Adobe Flash, Adobe Acrobat/Reader, Apple iTunes, Google Chrome, and Mozilla Firefox. The top priority this month is Adobe Flash due to a report of an exploit for CVE-2016-4117. The Microsoft Patch Tuesday bulletin addresses this particular CVE (Common Vulnerability and Exposure), but there are several additional vulnerabilities that are remedied by this Flash patch that Microsoft did not originally address. Chrome, Mozilla or Opera should be next and prioritized based on their prevalence within the environment.

Chrome 51.0
26 May 2016
Google has released Version 51.0.2704.63 of the Chrome browser. This version improves password management, optimizes page rendering, and provides security and bug fixes.

iTunes 12.4.0
18 May 2016

Apple has released a new Version 12.4.0 of the iTunes software. This version updates the interface design, with changes to menus, navigation, media picker and sidebar, as well as providing bug fixes.

Flash Player 21.0
12 May 2016

Adobe has released Version 21.0.0.242 of the Flash Player plugin for browsers. To download the full offline installer, use these links depending upon your browser: Internet Explorer or Firefox or Opera. Use Windows Update to update the built-in Flash Player in IE11 under Windows 8 and 10, and Edge under Windows 10. Update to the latest version of Chrome to update its built-in Flash Player.

Chrome 50.012
12 May 2016

Google has released Version 50.0.2661.102 of the Chrome browser. This version provides security and bug fixes.

Acrobat Reader DC 2015 11
11 May 2016

Adobe has released a new Version 2015.016.20039 of its free software for viewing PDF documents, now known as Acrobat Reader DC. This update contains security and bug fixes.

Opera 37.011
5 May 2016

The Opera browser has been updated to Version 37.0.2178.43. This update provides security and bug fixes.
Opera 37.05 May 2016

The Opera browser has been updated to Version 37.0.2178.32. Changes in this update include a built-in ad blocker, a video pop-out feature, a Chromium update, as well as security and bug fixes.

Firefox 46.0.14
4 May 2016

Mozilla has released Version 46.0.1 of the Firefox browser. This update contains bug fixes.

Best wishes,
Randy The Tech Professor

 

 

 

 

Tags: , ,
comments Comments (0)    -
March 28, 2016 at 1:18 pm

Third Party Program Updates For The Month Of March 2016

third party patches

 

Hello everyone,

It’s a jungle out there! The Oracle patch for Java is an emergency, so go for it as soon as possible. Exploits are present for Safari and Flash so patch these soon. In addition Adobe, Google, and Mozilla patches should be applied as soon as you can do so.

Chrome 49.0
28 March 2016
Google has released Version 49.0.2623.110 of the Chrome browser. This version provides security and bug fixes.

Java Runtime Environment 8.77
25 March 2016
Oracle has released an Update 77 to the Java Runtime Environment 8.

Chrome 49.0
25 March 2016
Google has released Version 49.0.2623.108 of the Chrome browser. This version provides security and bug fixes.

Flash Player 21.0
23 March 2016
Adobe has released Version 21.0.0.197 of the Flash Player plugin for browsers. To download the full offline installer, use these links depending upon your browser: Internet Explorer or Firefox or Opera. Use Windows Update to update the built-in Flash Player in IE11 under Windows 8 and 10, and Edge under Windows 10. Update to the latest version of Chrome to update its built-in Flash Player.

Firefox 45.0.1
18 March 2016
Mozilla has released Version 45.0.1 of the Firefox browser. This update disables the Graphite font shaping library and contains bug fixes.

Opera 36.0
16 March 2016
The Opera browser has been updated to Version 36.0.2130.32. Changes in this major update include improved Windows 10 support, more customization on the start page, general interface improvements, a Chromium update, as well as security and bug fixes.

Flash Player 21.0
10 March 2016
Adobe has released Version 21.0.0.182 of the Flash Player plugin for browsers. To download the full offline installer, use these links depending upon your browser: Internet Explorer or Firefox or Opera. Use Windows Update to update the built-in Flash Player in IE11 under Windows 8 and 10, and Edge under Windows 10. Update to the latest version of Chrome to update its built-in Flash Player.

Chrome 49.0
9 March 2016
Google has released Version 49.0.2623.87 of the Chrome browser. This version provides security and bug fixes.

Firefox 45.0
9 March 2016
Mozilla has released Version 45.0 of the Firefox browser. The most significant changes in this update include a new synced tabs button, viewing of synced tabs in the Address Bar, removal of the Tab Groups feature, along with security and bug fixes.

Acrobat Reader DC 2015
9 March 2016
Adobe has released a new Version 2015.010.20060 of its free software for viewing PDF documents, now known as Acrobat Reader DC. This update contains security and bug fixes.

Chrome 49.0
3 March 2016
Google has released Version 49.0.2623.75 of the Chrome browser. This version provides improvements, as well as security and bug fixes.

Opera 35.0
3 March 2016
The Opera browser has been updated to Version 35.0.2066.92. This version provides bug fixes.

Best wishes,
Randy Knowles

 

 

 

 

 

Tags: , ,
comments Comments (0)    -
February 28, 2016 at 7:38 pm

Third Party Program Updates For The Month Of February 2016

update

Hello everyone,

An unpatched machine is an “accident waiting to happen”. Here are your latest third party updates. Please update as soon as possible and avoid “getting bit”.

Opera 35.0
24 February 2016
The Opera browser has been updated to Version 35.0.2066.82. This version updates Chromium and provides a bug fix.

Chrome 48.0
19 February 2016
Google has released Version 48.0.2564.116 of the Chrome browser. This version provides security and bug fixes.

Opera 35.0
18 February 2016
The Opera browser has been updated to Version 35.0.2066.68. This version updates Chromium and provides bug fixes.

Firefox 44.0.2
12 February 2016
Mozilla has released Version 44.0.2 of the Firefox browser. This update fixes startup crashes and provides security fixes.

Chrome 48.0
10 February 2016
Google has released Version 48.0.2564.109 of the Chrome browser. This version updates the Flash player and provides security and bug fixes.

Flash Player 20.0
10 February 2016
Adobe has released Version 20.0.0.306 of the Flash Player plugin for browsers. To download the full offline installer, use these links depending upon your browser: Internet Explorer or Firefox or Opera. Use Windows Update to update the built-in Flash Player in IE11 under Windows 8 and 10, and Edge under Windows 10. Update to the latest version of Chrome to update its built-in Flash Player.

Firefox 44.0.1
9 February 2016
Mozilla has released Version 44.0.1 of the Firefox browser. This update provides a range of bug fixes.

Java Runtime Environment 8.73
8 February 2016
Oracle has released an Update 73 to the Java Runtime Environment 8.

Chrome 48.0
4 February 2016
Google has released Version 48.0.2564.103 of the Chrome browser. This version provides security and bug fixes.

Opera 35.0
3 February 2016
The Opera browser has been updated to Version 35.0.2066.37. This version adds mute on tabs, download improvements, more customization options, updates Chromium and provides stability enhancements.

Best wishes,
Randy Knowles

 

 

Tags: ,
comments Comments (1)    -
January 26, 2016 at 12:22 pm

Third Party Program Updates For The Month Of January 2016

Third Party Vulnerability

Hello everyone,

Third party programs must be patched every month in order to keep your computer safe from malicious entities. Third party software is blamed for 76% of vulnerabilities on the average PC. Here are the latest third party program updates for the month of January 2016. Get updated as soon as possi

Firefox 44.0
27 January 2016

Mozilla has released Version 44.0 of the Firefox browser. The most significant changes in this update include enabling H.264 or WebM/VP9 video decoding depending on system capabilities, improved warning pages, web push notifications, support for Brotli HTTPS compression, along with security and bug fixes.

Chrome 48.0
28 January 2016

Google has released Version 48.0.2564.92 of the Chrome browser. Changes in this version include improved download notifications, redesigned video player, Google Photos added as a default app, and updated recovery screens, as well as security and bug fixes.

Java Runtime Environment 8.71
21 January 2016

Oracle has released an Update 71 to the Java Runtime Environment 8.

Opera 34.0
21 January 2016

The Opera browser has been updated to Version 34.0.2036.50. This version updates Chromium and improves stability and performance by fixing Turbo.

Foxit Reader 7.3.0
21 January 2016

The free Foxit PDF Reader has been updated to Version 7.3.0.0118. Changes include OneDrive and Google Drive integration, Office 2016 support, word count, time stamps, PDF sign improvements, vertical split view, as well as bug fixes.

Skype 7.18
20 January 2016

A new Version 7.18.0.109 of the communications utility Skype has been released. A change log is not yet available.

Flash Player 20.0
19 January 2016

Adobe has released Version 20.0.0.286 of the Flash Player plugin for browsers. To download the full offline installer, use these links depending upon your browser: Internet Explorer or Firefox or Opera. Use Windows Update to update the built-in Flash Player in IE11 under Windows 8 and 10, and Edge under Windows 10. Update to the latest version of Chrome to update its built-in Flash Player.

Acrobat Reader DC 2015
13 January 2016

Adobe has released a new Version 2015.010.20056 of its free software for viewing PDF documents, now known as Acrobat Reader DC. This update contains security and bug fixes.

Opera 34.0
12 January 2016

The Opera browser has been updated to Version 34.0.2036.47. This version updates Chromium, changes the Turbo icon, and provides bug fixes.

Best wishes,
Randy Knowles

Tags: , ,
comments Comments (1)    -
November 25, 2015 at 11:06 pm

Third Party Program Updates For The Month Of November 2015

adobeflashreaderoutdated

Hello everyone,

Unpatched third party programs will open up your system to malicious attacks. Each month (at a minimum), you should check for third party updates in order to keep your system locked down and secure. Here are the November 2015 updates. Get updated as soon as possible.

Key: 1) Identifier 2) Vendor/Product 3) Product Version Affected 4) Date Released by Vendor 5) Vulnerability Info 6) Severity/Recommendation

APSB15-29
Adobe ColdFusion
ColdFusion 10/11
11/17/2015
Cross Site Scripting
Important: Priority 2/ Upgrade within 30 days

APSB15-28
Adobe Flash
Win/Mac 19.0.0.226 and earlier, Win/Mac ES 18.0.0.255 and earlier
Linux 11.2.202.540 and earlier
11/10/2015
Arbitrary Code Execution
Critical: Priority 1/ Upgrade within 72 hours

APSB15-28
Adobe AIR
Win/Mac 19.0.0.213 and earlier
11/10/2015
Arbitrary Code Execution
Critical: Priority 3/ Upgrade at admin’s discretion

APSB15-31
Adobe Premiere Clip
iOS 1.1.1 and earlier
11/17/2015
Input Validation
Important: Priority 3/ Upgrade at admin’s discretion

APSB-30
Adobe LiveCycle DS
Win/Mac/Linux 4.7, 4.6.2, 4.5, 3.1.x, 3.0.x and earlier
11/17/2015
Request Forgery
Important: Priority 2/ Upgrade within 30 days

46.0.2490.86
Google Chrome
Win/Mac/Linux Before 46.0.2490.86
11/10/2015
Information Disclosure, Security Bypass
Update at admin’s discretion

42/ESR38.4
Mozilla Firefox
42/ESR 38.4
11/3/2015
Denial of Service, Security Bypass, Information Disclosure, Cross Site Scripting, Arbitrary Code Execution
Update after testing

Best wishes,
Randy Knowles

Tags: , ,
comments Comments (0)    -
October 31, 2015 at 9:05 pm

Third Party Program Updates For The Month Of October 2015

vulnerability-distribution-by-product-typeHello everyone,

Third-party applications are the most important source of vulnerabilities with over 80% of the reported vulnerabilities in third-party applications. Operating systems are only responsible for 13% of vulnerabilities and hardware devices for 4%. Please get updated as soon as possible.

Key: 1) Identifier 2) Vendor/Product 3) Product Version Affected 4) Date Released by Vendor 5) Vulnerability Info 6) Severity/Recommendation

APSB15-27
Adobe Flash
Win/Mac 19.0.0.207 and earlier
Linux 11.2.202.535 and earlier
10/16/2015
Arbitrary Code Execution
Critical: Priority 1/ Upgrade within 72 hours

APSB15-24
Adobe Acrobat/Reader
DC 2015.008.20082 and earlier
Classic 2015.006.30060
Desktop XI 11.0.12 and earlier
Desktop X 10.1.15 and earlier
10/13/2015
Arbitrary Code Execution
Critical: Priority 2/ Upgrade within 30 days

12.3.1
Apple iTunes
Before 12.3.1
10/21/2015
Arbitrary Code Execution, Denial of Service
Update as soon as possible

9.0.1
Apple Safari
Before 9.0.1
10/21/2015
Arbitrary Code Execution
Update as soon as possible

46.0.2490.80
Google Chrome
Before 46.0.2490.80
10/22/2015
Denial of Service, Security Bypass, Information Disclosure,
Update as soon as possible

41.0.2
Mozilla Firefox
Before 41.0.2
10/15/2015
Security Bypass, Information Disclosure
Update at admin’s discretion

October CPU
Oracle Java
SE 8u60, SE 7u85, SE 6u101, SE Embedded 8u51
10/23/2015
Arbitrary Code Execution
Update as soon as possible

Best wishes,
Randy Knowles

Tags: , ,
comments Comments (1)    -
September 28, 2015 at 9:47 pm

Third Party Program Updates For The Month Of September 2015

stop bugsHello everyone,

Time to update once again. This month we have three Adobe programs, two browsers, and Apple iTunes. If these programs are not updated, your machine becomes much more vulnerable to malicious attacks.

Key: 1) Identifier 2) Vendor/Product 3) Product Version Affected 4) Date Released by Vendor 5) Vulnerability Info 6) Severity/Recommendation

APSB15-23
Adobe Flash
Win/Mac 18.0.0.232 and earlier
Linux 11.2.202.508 and earlier
9/21/2015
Arbitrary Code Execution
Critical: Priority 1/ Upgrade within 72 hours

APSB15-23
Adobe Air
Win/Mac 18.0.0.199 and earlier
9/21/2015
Arbitrary Code Execution
Critical: Priority 3/ Update at admin’s discretion

APSB15-22
Adobe Shockwave
Win 12.1.9.160 and earlier
9/8/2015
Arbitrary Code Execution
Critical: Priority 1/ Upgrade within 72 hours

12.3
Apple iTunes
Before 12.3
9/16/2015
Arbitrary Code Execution, Denial of Service, Information Disclosure
Update as soon as possible

45.0.2454.101
Google Chrome
Win/Mac/Linux Before 45.0.2454.101
9/24/2015
Denial of Service, Arbitrary Code Execution, Information disclosure, Security Bypass
Update as soon as possible

41/ESR 38.3
Mozilla Firefox
Before 41/ESR 38.3
9/22/2015
Arbitrary Code Execution, Denial of Service, Information Disclosure, Security Bypass, Spoofing
Update as soon as possible

Best wishes,
Randy Knowles

Tags: , ,
comments Comments (1)    -
September 6, 2015 at 9:42 pm

Third Party Program Updates For The Month Of August 2015

update all browsersHello everyone,

Malicious entities are trying to get into your computer in any way that they can. If they can’t find “holes” in the Operating System then they will attack the browsers or any third party program that is used by/in/through the browser. You must keep all browsers and third party (non-Microsoft) programs up to date. Here are the latest updates for the past month of August 2015.

Key: 1) Identifier 2) Vendor/Product 3) Product Version Affected 4) Date Released by Vendor 5) Vulnerability Info 6) Severity/Recommendation

APSB15-19
Adobe Flash
Win/Mac 18.0.0.209 and earlier
ES 13.0.0.309 and earlier
Linux 11.2.202.491 and earlier
8/11/2015
Arbitrary Code Execution
Critical: Priority 1/ Upgrade within 72 hours

APSB15-19
Adobe Air
Win/Mac 18.0.0.180
8/11/2015
Arbitrary Code Execution
Critical: Priority 3/ Update at admin’s discretion

7.7.8
QuickTime
Before 7.7.8
8/20/2015
Arbitrary Code Execution, Denial of Service
Update as soon as possible

8.0.8/7.1.8/6.2.8
Apple Safari
Before 8.08/7.1.8/6.2.8
8/13/2015
Arbitrary Code Execution, Denial of Service, Spoofing, Security Bypass, Information Disclosure
Update as soon as possible

40/ESR38.2
Mozilla Firefox
Before 40/ESR38.2
8/11/2015
Arbitrary Code Execution, Denial of Service, Privilege Escalation, Security Bypass
Update as soon as possible

Best wishes,
Randy Knowles

Tags: , ,
comments Comments (0)    -
August 17, 2015 at 8:43 pm

Third Party Program Updates For The Month Of July 2015

risks-associated-with-third-party-software-2

Hello everyone,

I’m a bit late on this, but here they are: The Third Party Updates For The Month Of July 2015. Get updated as soon as possible!

Key: Identifier, Vendor/Product, Product Version Affected, Date Released by Vendor, Vulnerability Info, Vendor, Severity/Recommendation

APSB15-18
Adobe Flash
Win/Mac 18.0.0.203 and earlier
Win/Mac ESR 13.0.0.302 and earlier
Linux 18.0.0.204 and earlier
7/14/2015
Arbitrary Code Execution
Critical: Priority 1/ Upgrade within 72 hours

APSB15-17
Adobe Shockwave
Win/Mac 12.1.8.158 and earlier
7/14/2015
Arbitrary Code Execution
Critical: Priority 1/ Upgrade within 72 hours

APSB15-15
Adobe Acrobat/Reader
Win/Mac11.0.11 and earlier, 10.1.14 and earlier
7/8/2015
Arbitrary Code Execution
Critical: Priority 1/ Upgrade within 72 hours

APSB15-15
Adobe Acrobat/Reader DC
Win/Mac Continuous 2015.007.20033
Classic 2015.006.30033
7/8/2015
Arbitrary Code Execution
Critical: Priority 1/ Upgrade within 72 hours

7.7.7
Apple Quicktime
Before 7.7.7
6/30/2015
Arbitrary Code Execution, Denial of Service
Update as soon as possible

12.2
iTunes
Before 12.2
6/30/2015
Arbitrary Code Execution, Denial of Service
Update as soon as possible

8.0.7/7.1.7/6.2.7
Safari
Before 8.0.7/7.1.7/6.2.7
6/30/2015
Arbitrary Code Execution, Denial of Service, Cross Site Scripting, Security Bypass,
Update as soon as possible

44.0.2403.107
Google Chrome
Before 44.0.2403.89
7/24/2015
Arbitrary Code Execution, Cross Site Scripting, Denial of Service, Security Bypass, Spoofing,
Update as soon as possible

39/ESR 38.1
Mozilla Firefox
Before 39/ESR 38.1
7/2/2015
Arbitrary Code Execution, Denial of Service, Information Disclosure, Security Bypass, Spoofing
Update as soon as possible

38.1
Mozilla Thunderbird
Before 38.1
7/2/2015
Arbitrary Code Execution, Denial of Service, Security Bypass
Update as soon as possible

July CPU
Java
Before 6u95, 7u80, 8u45
7/17/2015
Arbitrary Code Execution
Update as soon as possible

Best wishes,

Randy Knowles

Tags: , , ,
comments Comments (1)    -