Extra-large crop of updates for Patch Tuesday

Posted by   Virus Bulletin on   Aug 12, 2010

Fourteen security alerts from Microsoft join two from Adobe.

Microsoft's monthly Patch Tuesday security bulletins came out this week, featuring a chunky 14 separate alerts with many covering multiple issues. Eight of the new alerts were rated 'Critical', with the remaining six marked as 'Important'. In addition to Microsoft's updates, Adobe also released a trio of fixes, with two labelled 'Critical' and the third 'Important'.

Of the issues addressed by this batch of Microsoft patches, the most significant affect Word, SMB Server, .NET, XML Core Services and MPEG Codecs. The release also includes the usual batch of fixes for problems with Internet Explorer. An out-of-band update to fix the serious vulnerability involving .lnk files, released last week, was also included in the bulletin. Full details are at Microsoft here, with a blog entry covering the release here and a summary from SANS here.

Adobe's update release, timed to coincide with Patch Tuesday, included critical fixes for Flash Player and Flash Media Server, and an important HotFix for ColdFusion. Full details are at Adobe here, with another SANS summary here.

Users of Adobe's popular Reader software will have to wait a little longer for another patch, due to be released as an emergency update next week, according to reports. Meanwhile, those who choose to go with the alternative PDF viewer from Foxit Software will have to update to cover the same vulnerability which affects users of Apple's iPhone - their announcement is here. For once, Adobe users are not affected by the vulnerability.

Posted on 12 August 2010 by Virus Bulletin

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Throwback Thursday: Giving the EICAR test file some teeth

The 68-byte EICAR test file plays as important a role today as it did 19 years ago. In this week's Throwback Thursday we look back at a VB99 conference paper in which Randy Abrams described how the use of this 'miracle tool' could help enhance your…

XMRig used in new macOS cryptominer

A new piece of cryptocurrency-mining malware on macOS has been found to use the popular XMRig miner.

Tendency for DDoS attacks to become less volumetric fits in a wider trend

CDN provider Cloudflare reports an increase in DDoS attacks targeting layer 7 and focusing on exhausting server resources rather than sending large volumes of data. This fits in a wider trend.

Turkish Twitter users targeted with mobile FinFisher spyware

Through fake social media accounts, users were tricked into installing an Android application that was actually a mobile version of the FinFisher spyware.

Hide'n'Seek IoT botnet adds persistence

The Hide'n'Seek IoT botnet has received an update to make its infection persist on infected devices beyond a restart.