Your daily technology class with Professor Randy!!

Randy The Tech Professor

June 29th, 2016 at 11:29 am

Third Party Program Updates For The Month Of June 2016

adobe flashHello everyone,

This month there are 6 patch releases from Adobe and 1 for both Chrome and Firefox. A security advisory for Adobe Flash was released this month stating that there are active attacks exploiting CVE-2016-4171. Apply the patch for Adobe Flash as soon as possible since attackers are using spearphishing emails with malicious links to exploit this vulnerability. Chrome and Firefox both resolve numerous vulnerabilities in their newest release. Finish off this month of non-Microsoft patches by reviewing the remaining Adobe patches for Air, ColdFusion, DNG, Brackets, and Creative Cloud.

Randy The Tech Professor

June 2016: Third Party (Non-Microsoft) Patches

Identifier

Vendor/Product

Product Version Affected

Date Released by Vendor

Vulnerability Info.

Vendor
Severity/Recommendation

CVE-2016-4126

Adobe Air

21.0.0.215 and earlier

6/16/2016

Arbitrary Code Execution

Priority3/Update:admin’s discretion

Multiple CVE’s

Adobe Flash

Win/Mac 21.0.0.242 and earlier

ESR 18.0.0.352 and earlier

Linux

11.2.202.621 and earlier

6/16/2016

Arbitrary Code Execution

Priority1/Update as soon as possible

CVE-2016-4167

Adobe DNG

14 and earlier

6/14/2016

Arbitrary Code Execution, Denialof Service

Priority3/Update:admin’s discretion

Multiple CVE’s

Adobe Brackets

1.6 and earlier

6/14/2016

Cross-Site Scripting

Priority3/Update:admin’s discretion

Multiple CVE’s

Adobe Creative Cloud

3.6.0.248 and earlier

6/14/2016

Privilege Escalation

Priority3/Update:admin’s discretion

CVE-2016-4159

Adobe ColdFusion

10u19 and earlier

11u8 and earlier

2016u1

6/14/2016

Cross-Site Scripting

Priority2/Update within 30 days

Multiple CVE’s

Google Chrome

Before 51.0.2704.106

6/23/2016

Denial Service, Security Bypass, Information Disclosure, Spoofing

Update after testing

Multiple CVES’s

Mozilla Firefox

Before 47

6/7/2016

Arbitrary Code Execution, Denial Service, Cross-Site Scripting, Spoofing, Security Bypass

Update as soon as possible

Best wishes,
Randy Knowles

Tags: ,
-

 

RSS feed for comments on this post | TrackBack URI