“Based on an assessment of the current threat landscape by our security engineers, we made the decision to make updates available more broadly,” Doerr wrote.
“As always, we recommend customers upgrade to the latest platforms.
If you choose to keep Flash, please update it today to version The most recent versions of Flash should be available from the Flash home page.
I recommend for users who have an affirmative need for Flash to leave it disabled until that need arises. Adobe patches dangerous new Flash flaws all the time, and Flash bugs are still the most frequently exploited by exploit kits — malware booby traps that get stitched into the fabric of hacked and malicious Web sites so that visiting browsers running vulnerable versions of Flash get automatically seeded with malware.
For some ideas about how to hobble or do without Flash (as well as slightly less radical solutions) check out A Month Without Adobe Flash Player.
Qualys says organizations using Microsoft Outlook should pay special attention to a newly patched bug in the popular mail program because attackers can send malicious email and take complete control over the recipient’s Windows machine when users merely view a specially crafted email in Outlook.
Separately, Adobe has issued updates to fix critical security problems with both its Flash Player and Shockwave Player.
If you have Shockwave installed, please consider removing it now.
For starters, hardly any sites require this plugin to view content.This entry was posted on Tuesday, June 13th, 2017 at pm and is filed under Other.You can follow any comments to this entry through the RSS 2.0 feed. When in doubt, click the vertical three dot icon to the right of the URL bar, select “Help,” then “About Chrome”: If there is an update available, Chrome should install it then.As always, if you experience any issues downloading or installing any of these updates, please leave a note about it in the comments below. ET: Microsoft has revised its bulletin on the vulnerability for which it issued Windows XP fixes (CVE-2017-8543) to clarify that the problem fixed by the patch is in the Windows Search service, not the SMB service as Microsoft previously stated in the bulletin.“The best protection is to be on a modern, up-to-date system that incorporates the latest defense-in-depth innovations.