Adobe, Microsoft and Oracle released critical patches on June 12, 2012
June 12, 2012 was a huge Patch Tuesday, with Adobe, Microsoft and Oracle all releasing patches to fix critical vulnerabilities in their software. The affected programs include Adobe Flash, Oracle Java and Microsoft's Windows Kernel, Internet Explorer, .NET and Remote Desktop software.
I have already published a blog article today about the Java update on 6/12/2012. You need to update Java now, if you have it installed. The BlackHole Exploit Kit is targeting vulnerabilities just patched.
If you have Windows computers, running on XP (w/SP 3), Vista, 7 or Server 2003 or 2008, you need to use your Windows Update link on the Start Menu, or in Control Panel, to check for and install between 7 to 11 or more patches, rated from Important to Critical. The actual number of patches you receive depends on what, if any, Office and .NET programs you have installed, You will need to restart the computer to complete the updates. If you use Internet Explorer, you can go to Windows Updates via a link in the Safety menu item.
Adobe Flash was simultaneously updated on the 12th, to version 11.3.300.257 for most users. An Adobe Security Advisory describes how previous versions are being exploited and how this new version plugs those holes. It also lists the affected versions for other operating systems and devices, like Mac and Android. If you use Flash at all, it needs to be updated NOW. Malware exploit kits have been updated to target the vulnerabilities that were just patched.
To update Flash, go to www.adobe.com, click the link for Flash, then download the version for your browser. If you use Internet Explorer and Firefox, Safari, Opera or Chrome, there are separate downloads. IE uses an ActiveX version, while Firefox, Safari and Opera use another plug-in version and Google Chrome uses a special, bundled version, requiring you to update Chrome itself ( go to Tools > About Google Chrome and it will begin checking and updating if necessary).
After you update Flash in all of your browsers, they need to be closed for the upgrade to take. You may even need to reboot the computer to flush out a previous version if it was in use during the update process.
I believe it is a good thing that these major software vendors have released critical updates on the same day and time period. This allows users to perform multiple security updates sequentially or simultaneously, restart once, then get back to work.
All of the above updates require Administrator privileges. While you can perform these updates as a Standard User, via "Run As Administrator" it is really best to log into an actual Administrator level account first, since you will have to reboot after installing these updates.
Trend Micro Internet Security products, for home and office users, use in-the-cloud malware definitions that are updated every day, all day, as soon as new or altered strains of viruses and other malware are detected in the wild and analyzed. By offloading the bulk of these ever changing virus definitions to cloud servers, the load on your computers is greatly reduced. All users of Trend security programs are instantly protected from hostile web pages laden with malware exploits and hostile email, by the Trend Micro Smart Protection Network.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.