A patchtastic day for Flash and Windows users – don’t delay!

Critical vulnerabilities affect Windows, Mac, Linux and ChromeOS users.

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

A patchtastic day for Flash and Windows users - don't delay!

It’s that time again.

If you’re one of those folks who hasn’t yet decided that you can live without Flash (and remember, PornHub is no longer an excuse to keep Flash on your computer), then you really should update the bug-riddled software with Adobe’s latest round of security patches.

The Flash vulnerabilities are rated as “critical” for those using Adobe Flash Player on Windows, Mac OS X, Linux and ChromeOS, and address vulnerabilities that could potentially allow an attacker to take control of your computer.

Sign up to our free newsletter.
Security news, advice, and tips.

Meanwhile, Microsoft has issued 14 security bulletins – made up of seven critical and seven important updates addressing a total of 50 vulnerabilities.

Perhaps the most important flaw addressed by Microsoft in the update is a zero-day vulnerability in Internet Explorer:

The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

It’s not unusual to see online criminals taking a close interest in the security patches issued by the likes of Adobe and Microsoft, and launching attacks to exploit the newly-disclosed vulnerabilities against end users and corporations.

Don’t drag your feet. If the likes of Adobe and Microsoft take the step of describing vulnerabilities in their software as “critical”, it’s important that you patch at your earliest opportunity.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “A patchtastic day for Flash and Windows users – don’t delay!”

  1. Joe

    Recent post by Tripwire lists them all as "no exploit found", conflicting view or best double-checked?

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.