Microsoft has released updates to address vulnerabilities in Microsoft Office, Server Software, Windows, and Microsoft Dynamics AX, as part of the Microsoft Security Bulletin Summary for January 2014. These vulnerabilities could allow remote code execution, elevation of privilege or a denial of service.
Adobe has released security updates for Adobe Flash Player (11.9.900.170) and earlier versions for Windows, Macintosh, Adobe Flash Player (18.104.22.1682), and Linux to address multiple vulnerabilities that may allow an attacker to take control of the affected system.
Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.05) and earlier versions for Windows and Macintosh to address multiple vulnerabilities affecting the following software versions:
Adobe Reader XI (11.0.05) and earlier 11.x versions for Windows and Macintosh
Adobe Reader X (10.1.8) and earlier 10.x versions for Windows and Macintosh
Adobe Acrobat XI (11.0.05) and earlier 11.x versions for Windows and Macintosh
Adobe Acrobat X (10.1.8) and earlier 10.x versions for Windows and Macintosh
Exploitation of these vulnerabilities could lead to a crash or potentially allow an attacker to take control of the affected system.
Oracle has released its Critical Patch Update for January 2014 to address 144 vulnerabilities across multiple products. This update contains the following security fixes:
5 for Oracle Database Server
22 for Oracle Fusion Middleware
2 for Oracle Hyperion
4 for Oracle E-Business Suite
16 for Oracle Supply Chain Products Suite
17 for Oracle PeopleSoft Products
2 for Oracle Siebel CRM
1 for Oracle iLearning
1 for Oracle Financial Services Software
36 for Oracle Java SE
11 for Oracle and Sun Systems Products Suite
9 for Oracle Virtualization
18 for Oracle MySQL