Microsoft Releases Security Update for Flash Player Libraries

While most of this month’s security updates have been postponed to March 14, Microsoft has decided to release one bulletin to address the Flash Player vulnerabilities fixed by Adobe on Patch Tuesday. The critical bulletin, MS17-005, resolves 13 vulnerabilities in the Flash Player libraries used by Internet Explorer 10, Internet Explorer 11 and Edge.

Over a Dozen Code Execution Flaws Patched in Flash Player

Adobe on Tuesday released security updates that address two dozen vulnerabilities in Flash Player, Digital Editions and the Campaigns marketing tool, but none of the flaws have been exploited in the wild. Flash Player 24.0.0.221 patches 13 critical vulnerabilities that can be exploited for arbitrary code execution, including type confusion, integer overflow, use-after-free, heap buffer…

Eight Vulnerabilities Patched in WordPress

Eight security flaws and 62 bugs have been addressed with the release of WordPress 4.7.1 on Wednesday. The latest update for the content management system (CMS) has been classified as a security release. The list of vulnerabilities fixed this week includes the recently disclosed remote code execution flaw affecting PHPMailer. While WordPress Core and the…

The November 2016 Security Update Review

Adobe released two updates this month. The more critical of the two patches addresses nine CVEs in the Flash player. This comes just two weeks after Adobe issued an emergency Flash update to fix an issue currently being exploited. We’ll see this exploit later in a Windows update, too. Today’s Flash update is not being…

Many Joomla Sites Hacked via Recently Patched Flaws

Less than 24 hours after Joomla released patches for a couple of critical account creation vulnerabilities, researchers noticed that malicious actors had already started exploiting the flaws in the wild. Joomla announced on October 25 the availability of version 3.6.4 to fix two serious vulnerabilities: CVE-2016-8870, which allows attackers to create user accounts even if…