Monday, May 16, 2011

Security Update Released for Adobe Flash Player (v10.3.181.14)

On May 12, 2011 Adobe released a Security advisory called Security update available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software.

The advisory states in part: There are reports of malware attempting to exploit one of the vulnerabilities, CVE-2011-0627, in the wild via a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment targeting the Windows platform. However, to date, Adobe has not obtained a sample that successfully completes an attack.

Critical vulnerabilities have been identified in Adobe Flash Player and earlier versions (Adobe Flash Player and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player and earlier versions for Android. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Action Required: Ag IT recommends that you update the Adobe Flash Player on your Enterprise machine (or other devices that use Adobe Flash) to mitigate the effects of malicious SWF (Flash) files that you might view in your web browser, Word, or Excel file.

For steps, see our How To Install Updates to Adobe Flash Player,

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

Note: Additional help can be found at Adobe Support:

Tuesday, May 03, 2011

Oracle Java Standard Edition (SE) 6 Update 25 Released

As of April 24, 2011, the current version of the Oracle Java client is Java(TM) 6 Update 25.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update.

Note: We recommend that you do not install any offered "extras" like Carbonite Backup, Microsoft's Bing Toolbar, MSN Toolbar, or Installer. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Java SE 6u25 does not add any fixes for security vulnerabilities beyond those in Java SE 6u24. Users who have Java SE 6u24 have the latest security fixes and do not need to upgrade to this release to be current on security fixes.

In Java SE 6 Update 25 support has been added for the Internet Explorer 9, Windows 7 with SP1, Firefox 4, and Chrome 10.

The full list of changes may be found here:

Java software allows you to run applications called “applets” that are written in the Java programming language. These applets allow you to play online games, chat with people around the world, calculate your mortgage interest, and view images in 3D. These may include web based training applications.