Oracle Java and Adobe Flash get critical updates on Feb 15, 2012
Hmmm, it's been a busy two days for updates. On February 14, 2012, Microsoft released its monthly handful of Windows updates and patches. Later that night, I discovered that Oracle has just pushed out a critical update for their Java virtual machine. One day later, on Feb 15, I discovered that Adobe has just released a patched version of its Flash Players (all versions).
All of these updates, from three software companies, are rated anywhere from "important" to critical. I strongly advise my readers to update their Windows PCs with Windows Updates, and all operating systems with Adobe updates, and, if you use Java at all, get the Java update as well.
Java JRE Update of Feb 14, 2012
Oracle, the current owner and maintainer of Java technology, estimates that over 3 billion devices run their Java Virtual Machines. Java (not to be confused with JavaScript, which is different) is a powerful programming language that allows for mini-programs to run on a device, or desktop, or in your browsers. It is found in smart phones, tablets, computers and many other digital devices. The official website for distributing the consumer version of Java is fittingly called java.com.
For all of its fancy tricks and useful features, the devil lies in programming errors that have existed for a very long time, or which are introduced when other problems are patched. Java goes way back to the late-1990s. I used to run Java applet pets on my Windows 95 desktop, as far back as 1997. They were fun programs to play with and none of us thought that they could be used for evil purposes. Unfortunately, "we" were wrong.
For the last several years Java technology has been the primary target of cyber-criminals who write exploit kits (like the infamous Russian Blackhole Exploit Kit) that attack computers through vulnerabilities that have not been patched by the owners of those computers. The reason is that many people simply are not even aware that Java is installed on their PCs and hence, never think to update it. Older versions of Java, as far back as series 4 and 5 contain all kinds of coding errors that allow easy exploitation. To make matters worse, when people did upgrade to newer versions of Java, the old versions were not uninstalled! They were left intact, in their default folder locations, for any hacker to take advantage of simply by specifying the path to those versions of Java's executables and .JAR files.
So, the first thing my readers need to do is see what, if any versions of Java are installed, by visiting Java.com and clicking the "Do I have Java?" link. If you have the previous version installed, you should be able to update by opening your Windows Control Panel and (double) clicking on the Java icon, going to the "Update" tab and clicking the "Update Now" button. Then, open the "Add/Remove Programs," or the newer "Programs and Features" icon and uninstall all older versions of Java.
After you have updated Java, go to Control Panel (Windows), open the Java icon and click on the Update tab. Set the options to automatically check for updates every day, at a time the PC is normally on. One never knows when an update will be pushed out until it arrives. Tis far better safe than sorry when it comes to Java technology. The latest versions, released on February 14, 2012, are Java 6 Update 31, and the newer series Java 7 Update 3.
Adobe Flash Updated
Adobe released a new version of its free Flash Player, on February 15, 2012, to patch at least 7 security holes, one of which is currently being used in zero-day exploits. The latest version for Windows, Mac, Linux and Solaris is 11.1.102.62.
Users of Android 4.x devices should update to Adobe Flash Player 11.1.115.6. Users of Android 3.x and earlier versions should update to Flash Player 11.1.111.6.
You can discover whish, if any version of Flash you have installed, by visiting the Adobe About Flash page. To get the latest version of Flash for your devices, visit http://get.adobe.com/flashplayer. Do this for each device. If you use Internet Explorer and Firefox, you'll need to get a different Flash player for each browser. The IE version uses an ActiveX Control, which Firefox does not allow to run, for security reasons.
If you use Google Chrome, you need to upgrade to the new version: 17.0.963.56, which includes an embedded Flash Player built specifically for the Chrome browsers. Get the latest version of Chrome by opening the browser, clicking on the Tools icon, then clicking on About Google Chrome. This displays the version details and launches a check for updates. If a newer version is available, it will be downloaded and installed while you watch.
If you like this article please share it.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.