|
In a warm up to patch Tuesday, it looks like we have a new version for Adobe Flash Player, Shockwave Player and PDF Reader. Given that some of the exploits against the vulnerabilities patched are public, you may want to expedite patching and review your Flash Player and browser configuration. the latest (patched) versions are (thanks Dave!): - Flash Player 18.0.0.209 Bulletins: https://helpx.adobe.com/security/products/shockwave/apsb15-17.html Also note that many browsers now allow you to disable Flash by default. You can re-enable it for sites that require Flash. Here is a nice page that will explain how to have your browser ask for permission before running plugins: http://www.howtogeek.com/188059/how-to-enable-click-to-play-plugins-in-every-web-browser/
--- |
Johannes 4307 Posts ISC Handler Jul 14th 2015 |
| Thread locked Subscribe |
Jul 14th 2015 6 years ago |
|
Update for Acrobat just released, latest version 15.007.20033.
|
Joey 18 Posts |
| Quote |
Jul 14th 2015 6 years ago |
|
A direct link to the latest builds (for Flash anyway) for multiple OSes is here: https://www.adobe.com/products/flashplayer/distribution3.html. Adobe doesn't make this easy to find.
|
Tom 5 Posts |
| Quote |
Jul 14th 2015 6 years ago |
|
Yes, the Flash player update covers the 0-day found yesterday (07/13). So this update fixes 2 0-days.
|
R 41 Posts |
| Quote |
Jul 14th 2015 6 years ago |
|
The referenced HowToGeek guide missed one very good blanket approach for IE, which is to enable ActiveX Filtering, switching all ActiveX controls to a default-deny condition. A Flash site would result in a blue slashy-circle icon in the address bar, with the option to override the filtering for that visit if desired.
|
R 12 Posts |
| Quote |
Jul 14th 2015 6 years ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
