
Patch Tuesday February 2016

Yet another patch Tuesday has come upon us.
Microsoft released 13 updates, some of which fix critical issues, to address vulnerabilities in their product line. Adobe, on the other hand, has released patches that address 22 vulnerabilities in their Adobe Flash and Adobe Acrobat/Reader products.
Oracle also pushed out a new update – Java SE 8, Update 73.


Adobe Flash Vulnerability

Adobe has released security updates for Adobe Flash Player 12.0.0.44 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.336 and earlier versions for Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of reports that an exploit for CVE-2014-0502 exists in the wild, and recommends users update their product installations to the latest versions.

You can find some tips regarding Flash here:
http://blog.basefarm.com/blog/bf-sirt-newsletter-2014-07/

More information: http://helpx.adobe.com/security/products/flash-player/apsb14-07.html

Adobe Flash Zero Day Exploit

A vulnerability in Adobe Flash Player means that anyone running anything but the latest version of Flash is at risk of being infected by malware when browsing a website. One of the most common ways to get infected these days is by drive-by methods, which means that a common website will unknowingly start serving malware through advertisement systems or by simply getting compromised.

It doesn’t matter if you run Mac OS X, Windows or Linux; Flash is universal and everyone runs the risk if they are not keeping up-to-date (same as with Java).

I really wish I could say that this is an uncommon or ground-breaking attack vector, but unfortunately it’s the same as with Java – new exploits are coming every month and those who do not keep up-to-date will get compromised. You can find multiple other entries by, for example, searching for patch tuesday: http://blog.basefarm.com/?s=patch+tuesday

For those who are unsure if they are vulnerable to this, you can browse to this page to see the status of your plugins (should work with all browsers), and update as necessary: https://www.mozilla.org/en-US/plugincheck/

It could even be a good idea to set it as your start-page in order to verify your browser each and every day.

As we mentioned in a previous newsletter ( http://blog.basefarm.com/blog/basefarm-sirt-weekly-newsletter-2/ ), you should really turn on “click-to-play” in your browser for Flash and other objects (or use NoScript or something similar, but that’s for more technical people).

I personally recommend using Chrome as your browser. The reason for this is that Flash will auto update itself without you having to do anything, whenever there is a new release. So, those running Chrome do not need to worry about this specific vulnerability.

You can check which version of Flash you’re running by going to this website: http://helpx.adobe.com/flash-player.html

It should say you’re running 12.0.44 if you’re running Mac/Windows, and 11.2.202.336 if you are running Linux.

You can find more information here: http://helpx.adobe.com/security/products/flash-player/apsb14-04.html

Adobe Flash Player 11.6.602.171 for Windows and Adobe Flash Player 11.2.202.273 for Linux

Adobe has released security updates for Adobe Flash Player 11.6.602.171 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.273 and earlier versions for Linux, Adobe Flash Player 11.1.115.47 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.43 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe recommends users update their product installations to the latest versions.

More information:
http://www.adobe.com/support/security/bulletins/apsb13-09.html

Security updates available for Adobe Flash Player (APSB13-08)

Today, a Security Bulletin (APSB13-08) has been posted to address security issues in Adobe Flash Player 11.6.602.168 and earlier versions for Windows, Adobe Flash Player 11.6.602.167 and earlier versions for Macintosh, and Adobe Flash Player 11.2.202.270 and earlier versions for Linux.

Adobe is aware of reports that CVE-2013-0643 and CVE-2013-0648 are being exploited in the wild in targeted attacks designed to trick the user into clicking a link which directs to a website serving malicious Flash (SWF) content. The exploit for CVE-2013-0643 and CVE-2013-0648 is designed to target Flash Player in Firefox.

Adobe recommends users apply the updates for their product installations.

You can get the latest version here: http://www.adobe.com/go/getflash

More information: http://www.adobe.com/support/security/bulletins/apsb13-08.html

Security update available for Adobe Flash Player

Adobe has released security updates for Adobe Flash Player 11.5.502.149 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.262 and earlier versions for Linux, Adobe Flash Player 11.1.115.37 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.32 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
To verify the version of Adobe Flash Player installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select “About Adobe (or Macromedia) Flash Player” from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.
To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x.

The Adobe Flash version information page can be found here: http://www.adobe.com/software/flash/about/
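
The affected-version ceilings quoted in this post can be checked against an inventory mechanically. The following is an added example, not part of the original post or any Adobe tool; the platform labels, hostnames and installed versions are constructed, and it shows why dotted versions have to be compared numerically and per platform branch.

```python
import re

# "X and earlier" ceilings quoted in the post above; keys are assumed labels.
AFFECTED_MAX = {
    "windows": "11.5.502.149",
    "macintosh": "11.5.502.149",
    "linux": "11.2.202.262",
    "android-4.x": "11.1.115.37",
    "android-3.x": "11.1.111.32",
    "android-2.x": "11.1.111.32",
}

def parse_version(text):
    """Turn 'a.b.c.d' into a tuple of ints; raise ValueError if malformed."""
    text = text.strip()
    if not re.fullmatch(r"\d+(?:\.\d+){3}", text, flags=re.ASCII):
        raise ValueError(f"not a four-part Flash version: {text!r}")
    return tuple(int(part) for part in text.split("."))

def needs_update(platform, version):
    """True if version is at or below the ceiling for its platform.

    Returns None for an unlisted platform or an unparsable version,
    so that host is reviewed by hand instead of silently passing.
    """
    ceiling = AFFECTED_MAX.get(platform.strip().lower())
    if ceiling is None:
        return None
    try:
        return parse_version(version) <= parse_version(ceiling)
    except ValueError:
        return None

def audit(inventory):
    """Map each host to 'update', 'ok' (for this bulletin only) or 'review'."""
    labels = {True: "update", False: "ok", None: "review"}
    return {host: labels[needs_update(p, v)] for host, p, v in inventory}

# Constructed sample inventory: hostnames and versions are made up.
SAMPLE = [
    ("ws-01", "Windows", "11.5.502.149"),    # exactly the ceiling
    ("ws-02", "Windows", "11.5.502.99"),     # a string compare calls this newer
    ("mac-01", "Macintosh", "11.6.602.168"), # above this bulletin's range
    ("lx-01", "Linux", "11.2.202.262"),      # Linux stays on the 11.2 branch
    ("ph-01", "android-4.x", "11.1.115.36"),
    ("srv-01", "Solaris", "11.2.202.223"),   # platform not listed in the post
    ("ws-03", "Windows", "11.5.502"),        # truncated version string
]

if __name__ == "__main__":
    for host, verdict in audit(SAMPLE).items():
        print(f"{host:7} {verdict}")
```

An "ok" result only means the build is above the range named in this one bulletin; the newer bulletins listed on this page cover later builds.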

More information:
http://www.adobe.com/support/security/bulletins/apsb13-05.html

High Risk Flash Vulnerability

Unfortunately, there have been multiple zero-day exploits released for a couple of versions of Adobe Flash today. This could potentially mean that the news site you browse daily could be using ads from an ad-network which has been compromised and serves malware to your system (it’s actually one of the most common ways of being compromised today, see “more information”). We advise everyone to update their Adobe Flash plugin as soon as possible to put themselves at a lesser risk of being compromised.

You can download the latest version of Adobe Flash here: http://get.adobe.com/flashplayer/
You can verify which version of Adobe Flash you have installed, as well as see the latest version available, at this URL: http://www.adobe.com/software/flash/about/

More information:
http://www.adobe.com/support/security/bulletins/apsb13-04.html
http://www.securitybistro.com/blog/?p=5384