Jump to content

Build Theme!
  •  
  • Infected?

big grin Welcome to What the Tech's support forums!

We invite you to ask questions, share experiences, and learn. It's 100% free. Join 90284 others. Anybody can ask, anybody can answer. Consistently helpful members with best answers are invited to staff. Here's how it works. Computer cleanup? Start here> Malware Removal Forum.

Sign Up


Photo

Adobe updates/advisories


  • Please log in to reply
167 replies to this topic

#166 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPip
  • 9,350 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 08 December 2015 - 12:10 PM

FYI...

Flash 20.0.0.228 / 20.0.0.235 released
- https://helpx.adobe..../apsb15-32.html
Dec 8, 2015
CVE number: CVE-2015-8045, CVE-2015-8047, CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8051, CVE-2015-8052, CVE-2015-8053, CVE-2015-8054, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8407, CVE-2015-8408, CVE-2015-8409, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8415, CVE-2015-8416, CVE-2015-8417, CVE-2015-8419, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8438, CVE-2015-8439, CVE-2015-8440, CVE-2015-8441, CVE-2015-8442, CVE-2015-8443, CVE-2015-8444, CVE-2015-8445, CVE-2015-8446, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8451, CVE-2015-8452, CVE-2015-8453
Platform: All Platforms
Summary: Adobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system...
Solution: ...
- Adobe recommends users of the Adobe Flash Player Desktop Runtime for Windows and Macintosh update to 20.0.0.228 (support for Internet Explorer) and 20.0.0.235 (support for Firefox and Safari) by visiting the Adobe Flash Player Download Center, or via the update mechanism within the product when prompted...
- Adobe recommends users of the Adobe Flash Player Extended Support Release should update to version 18.0.0.268 by visiting

> http://helpx.adobe.c...r-versions.html
- Adobe recommends users of Adobe Flash Player for Linux update to Adobe Flash Player 11.2.202.554 by visiting the Adobe Flash Player Download Center.
- Adobe Flash Player installed with Google Chrome will be automatically updated to the latest Google Chrome version, which will include Adobe Flash Player 20.0.0.228 for Windows, Macintosh, Linux and Chrome OS.
- Adobe Flash Player installed with Microsoft Edge and Internet Explorer for Windows 10 will be automatically updated to the latest version, which will include Adobe Flash Player 20.0.0.228.
- Adobe Flash Player installed with Internet Explorer for Windows 8.x will be automatically updated to the latest version, which will include Adobe Flash Player 20.0.0.228.
- Adobe recommends users of the AIR desktop runtime, AIR SDK and AIR SDK & Compiler update to version 20.0.0.204 by visiting the AIR download center or the AIR developer center.
- Please visit the Flash Player Help page for assistance in installing Flash Player...

For IEv9 and below:
- https://download.mac...20_active_x.exe
For Firefox and other Plugin-based browsers:
- https://download.mac...r_20_plugin.exe

Flash test site: https://www.adobe.co...re/flash/about/

AIR 20.0.0.204: https://get.adobe.com/air/
___

- http://www.securityt....com/id/1034318
CVE Reference: CVE-2015-8045, CVE-2015-8047, CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8051, CVE-2015-8052, CVE-2015-8053, CVE-2015-8054, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8060, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8407, CVE-2015-8408, CVE-2015-8409, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8415, CVE-2015-8416, CVE-2015-8417, CVE-2015-8419, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8438, CVE-2015-8439, CVE-2015-8440, CVE-2015-8441, CVE-2015-8442, CVE-2015-8443, CVE-2015-8444, CVE-2015-8445, CVE-2015-8446, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8451, CVE-2015-8452, CVE-2015-8453
Dec 8 2015
Impact: Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
Solution: The vendor has issued a fix (20.0.0.228 for Mac/Windows; 20.0.0.235 for Mac/Windows; ESR 18.0.0.268; 11.2.202.554 for Linux)...
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 09 December 2015 - 06:03 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove


#167 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPip
  • 9,350 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 28 December 2015 - 03:20 PM

FYI...

Flash 20.0.0.267 released
- https://helpx.adobe..../apsb16-01.html
Dec 28, 2015
CVE number: CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651
Platform: All Platforms
Summary: Adobe has released security updates for Adobe Flash Player.  These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit for CVE-2015-8651* is being used in limited, targeted attacks...
Solution: ... Adobe recommends users of the Adobe Flash Player Desktop Runtime for Windows and Macintosh update to 20.0.0.267 by visiting the Adobe Flash Player Download Center, or via the update mechanism within the product when prompted...
- Adobe recommends users of the Adobe Flash Player Extended Support Release should update to version 18.0.0.324 by visiting:

- http://helpx.adobe.c...r-versions.html.
- Adobe recommends users of Adobe Flash Player for Linux update to Adobe Flash Player 11.2.202.559 by visiting the Adobe Flash Player Download Center.
- Adobe Flash Player installed with Google Chrome will be automatically updated to the latest Google Chrome version, which will include Adobe Flash Player 20.0.0.267 for Windows, Macintosh, Linux and Chrome OS.
- Adobe Flash Player installed with Microsoft Edge and Internet Explorer for Windows 10 will be automatically updated to the latest version, which will include Adobe Flash Player 20.0.0.267.
- Adobe Flash Player installed with Internet Explorer for Windows 8.x will be automatically updated to the latest version, which will include Adobe Flash Player 20.0.0.267.
- Adobe recommends users of the AIR desktop runtime, AIR SDK and AIR SDK & Compiler update to version 20.0.0.233 by visiting the AIR download center or the AIR developer center...

* https://web.nvd.nist...d=CVE-2015-8651
Last revised: 12/29/2015 - 9.3 (HIGH)

For IEv9 and below:
- https://download.mac...20_active_x.exe
For Firefox and other Plugin-based browsers:
- https://download.mac...r_20_plugin.exe

Flash test site: https://www.adobe.co...re/flash/about/

AIR 20.0.0.233: https://get.adobe.com/air/

- https://www.us-cert....es-Flash-Player
Dec 28, 2015
___

- http://www.securityt....com/id/1034544
CVE Reference: CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651
Dec 29 2015
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 20.0.0.235 and prior...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (20.0.0.267; ESR 18.0.0.324; 11.2.202.559 for Linux).
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 30 December 2015 - 05:09 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#168 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPip
  • 9,350 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 12 January 2016 - 11:30 AM

FYI...

Adobe Acrobat/Reader 11.0.14 released
- https://helpx.adobe..../apsb16-02.html
Jan 12, 2016
CVE numbers: CVE-2016-0931, CVE-2016-0932, CVE-2016-0933, CVE-2016-0934, CVE-2016-0935, CVE-2016-0936, CVE-2016-0937, CVE-2016-0938, CVE-2016-0939, CVE-2016-0940, CVE-2016-0941, CVE-2016-0942, CVE-2016-0943, CVE-2016-0944, CVE-2016-0945, CVE-2016-0946, CVE-2016-0947
Platform: Windows and Macintosh
Note: As outlined in this blog post*, Adobe Acrobat X and Adobe Reader X are no-longer-supported.
Adobe recommends users install Adobe Acrobat DC and Adobe Acrobat Reader DC for the latest features and security updates.
* https://blogs.adobe....end-of-support/
Solution: Adobe recommends users update their software installations to the latest versions by following the instructions below. The latest product versions are available to end users via one of the following methods:
- Users can update their product installations manually by choosing Help > Check for Updates.
- The products will update automatically when updates are detected without requiring user intervention.
- The full Acrobat Reader installer can be downloaded from the Acrobat Reader Download Center**.
For IT administrators (managed environments):
- Download the enterprise installers from ftp://ftp.adobe.com/pub/adobe/, or refer to the specific release note version for links to installers.
- Install updates via your preferred methodology, such as AIP-GPO, bootstrapper, SCUP/SCCM (Windows), or on Macintosh, Apple Remote Desktop and SSH...

Acrobat for Windows: https://www.adobe.co...latform=Windows
1/12/2016
Adobe Reader for Windows: https://www.adobe.co...latform=Windows
1/12/2016

Acrobat for Macintosh: https://www.adobe.co...=1&platform=Mac
1/12/2016
Adobe Reader for Macintosh: https://www.adobe.co...10&platform=Mac
1/12/2016
___

Also see "New Downloads":
- https://www.adobe.co...wnloads/new.jsp
1/12/2016

Adobe Acrobat Reader DC
** https://get.adobe.com/reader/
___

- http://www.securityt....com/id/1034646
CVE Reference: CVE-2016-0931, CVE-2016-0932, CVE-2016-0933, CVE-2016-0934, CVE-2016-0935, CVE-2016-0936, CVE-2016-0937, CVE-2016-0938, CVE-2016-0939, CVE-2016-0940, CVE-2016-0941, CVE-2016-0942, CVE-2016-0943, CVE-2016-0944, CVE-2016-0945, CVE-2016-0946, CVE-2016-0947
Jan 12 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
Solution: The vendor has issued a fix (11.0.14, 15.006.30119, 15.010.20056)...
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 12 January 2016 - 04:07 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users