Patch Tuesday December 2013

This month, Adobe and Microsoft has released a few patches for vulnerabilities that you should apply as soon as possible.
Microsoft on their end has released 5 critical and 6 important fixes for vulnerabilities, while Adobe has released 2 critical ones.

The Microsoft ones span from OS, Office, Internet Explorer and Lync.

Adobe has released a security update for Adobe Shockwave Player 12.0.6.147 and earlier versions on the Windows and Macintosh operating systems. This update addresses a vulnerability that could allow an attacker, who successfully exploits this vulnerability, to run malicious code on the affected system. Adobe recommends users of Adobe Shockwave Player 12.0.6.147 and earlier versions update to Adobe Shockwave Player 12.0.7.148 using the instructions provided in the “Solution” section below.

Adobe has released security updates for Adobe Flash Player 11.9.900.152 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.327 and earlier versions for Linux. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system. Adobe is aware of reports that an exploit designed to trick the user into opening a Microsoft Word document with malicious Flash (.swf) content exists for CVE-2013-5331. Adobe Flash Player 11.6 and later provide a mitigation against this attack.

More information:
http://helpx.adobe.com/security/products/shockwave/apsb13-29.html
http://helpx.adobe.com/security/products/flash-player/apsb13-28.html