Wednesday, June 15, 2011

Security Update Released for Adobe Flash Player (version 10.3.181.26)

On June 14, 2011 Adobe released a Security advisory called Security update available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software.

Note: There are reports that this vulnerability is being exploited in the wild in targeted attacks via a malicious Web page. The advisory states in part:

Summary
A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.

Action Required: Ag IT recommends that you update the Adobe Flash Player on your Enterprise machine (or other devices that use Adobe Flash).

For steps, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

Security Update Available for Adobe Reader and Acrobat

Adobe shipped critical security updatese to its Adobe products on June 14, 2011 that addresses a vulnerability that can cause the application to crash and allow an attacker to take control of the affected system.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to the current version.

Note: Along with applying this update, we also recommend that you follow these steps to Secure Adobe Reader to Prevent Malware once you have your Adobe products updated!!

You should be able to use the built-in Updater program to update the software.

  1. Open Adobe Reader or Adobe Acrobat Professional.
  2. From the Help menu choose Check for Updates.
  3. If updates were found, follow the on-screen steps to update.

    Note: If an update is downloaded, close Adobe before applying the update.
    Then re-open Adobe. Repeat steps 1 - 3 until no more updates are available.

  4. Note: If the automatic updater does not find the latest updates, and your version is not the most current one, go to the Acrobat for Windows downloads page. Scroll down to locate the update for your version. Download and install.

    Note: Earlier versions of Adobe Acrobat Professional (version 8 or lower) will not receive this patch. This updates represent an out-of-cycle release.

The Adobe Security bulletin, Security Updates available for Adobe Reader and Acrobat, has additional information and links.

Tuesday, June 07, 2011

Oracle Java Standard Edition (SE) 6 Update 26 Released

As of June 7, 2011, the current version of the Oracle Java client is Java(TM) 6 Update 26.

Action Required:
If you see the Java Update icon or "Java Update Available" balloon in the lower right corner of the screen, the latest version of Java should be ready to install. You can click the icon and follow its prompts to apply the update.

Note: We recommend that you do not install any offered "extras" like Carbonite Backup, Microsoft's Bing Toolbar, MSN Toolbar, or OpenOffice.org Installer. Please un-check these options if they appear.

Or, our How To Update Sun's Java Software has complete steps on how to install Java from either the "Java Update Available" message or how to download and install Java manually .

Fixed:
Java SE 6 Update 26 contains 17 new security vulnerability fixes for Oracle Java SE. All these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.

Oracle Update Release Notes can be found here: http://www.oracle.com/technetwork/java/javase/releasenotes-136954.html

Note:
Java is a programming language and computing platform first released by Sun Microsystems in 1995. Java Standard Edition or Java SE is used by your computer to run certain web based applications. These may include web based training applications.
http://www.java.com/en/about/

Monday, June 06, 2011

Security Update Released for Adobe Flash Player (version 10.3.181.23)

On June 5, 2011 Adobe released a Security advisory called Security update available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software.

Note: There are reports that this vulnerability is being exploited in the wild in targeted attacks via a malicious Web page. The advisory states in part:

Summary
An important vulnerability has been identified in Adobe Flash Player 10.3.181.16 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.22 and earlier versions for Android. This universal cross-site scripting vulnerability (CVE-2011-2107) could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website. There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message.

Action Required: Ag IT recommends that you update the Adobe Flash Player on your Enterprise machine (or other devices that use Adobe Flash).

For steps, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.

Thursday, June 02, 2011

Adobe Flash Player Update Released for Internet Explorer

On June 1, 2011 Adobe released an update to their Flash Player 10 software. This release is for Internet Explorer browsers on Windows only.

Summary

Flash Player 10.3.181.16 addresses an issue with hardware acceleration on some systems with Intel HD Graphics adapters when viewing SWF content in Internet Explorer 9. With Flash Player 10.3.181.14 installed, SWF content appeared in the upper-left corner of the screen.

Action Required: Ag IT recommends that you update the Adobe Flash Player on your Enterprise machine even though this update does not fix a security vulnerability. This update can be installed on computers using earlier versions of Internet Explorer as well.

For steps, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: Keeping 3rd party software up-to-date is GOES A LONG WAY to keep your computer safe from being infected by malware.

How To Download Latest Updates for Enterprise Dell Computers