Homeland Secure IT Alert for Friday, June 18, 2010
Greetings and salutations,
Last week we warned of Critical Vulnerabilities which affect Adobe products and this week we are hearing of many people being exploited by these security holes.
There are patches and updates available that will secure your system, however, they are not applied automatically and must be performed by someone on each workstation. These updates are NOT handled by Microsoft Windows Update, WSUS, and many patch management systems.
Note that this affects ALL platforms, Microsoft Windows, Windows Server, Mac OS X, Linux, Solaris, VMWare systems with VMWare Tools.
This is an excerpt from the Adobe site:
AFFECTED SOFTWARE VERSIONS
Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris
Adobe AIR 220.127.116.1130 and earlier versions for Windows, Macintosh and Linux
To verify the Adobe Flash Player version number installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select “About Adobe (or Macromedia) Flash Player” from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.
To verify the Adobe AIR version number installed on your system, access the Adobe AIR TechNote for instructions.
Adobe Flash Player
Adobe recommends all users of Adobe Flash Player 10.0.45.2 and earlier versions upgrade to the newest version 10.1.53.64 by downloading it from the Adobe Flash Player Download Center or by using the auto-update mechanism within the product when prompted.
To address the vulnerabilities described in this Security Bulletin, a prerelease version of Flash Player 10.1 for Solaris platforms is available from Adobe Labs.
For users who cannot update to Flash Player 10.1.53.64, Adobe has developed a patched version of Flash Player 9, Flash Player 9.0.277.0, which can be downloaded from the following link.
Adobe recommends all users of Adobe AIR 18.104.22.16830 and earlier versions update to the newest version 22.214.171.12410 by downloading it from the Adobe AIR Download Center.
Adobe categorizes this as a critical update and recommends affected users update their installations to the newest versions.
More information about the security updates is available from Adobe at this URL:
If we can be of any assistance at all, please do not hesitate to contact us… We perform complete computer, server and network support, service and repair in Greenville and Upstate SC, as well as offer best-in-class Anti-Virus from Trend Micro!
Be safe and have a great weekend!