A blog post from Microsoft’s Dustin Childs summarises the security bulletins, emphasising that patches for Windows Journal and Internet Explorer should be “top of your list”.
The most critical of the flaws could see your computer infected by malware if you visit a boobytrapped webpage using a vulnerable version of Internet Explorer, or for an attacker to run malicious code on your Windows PC if you open a poisoned Windows Journal file. Windows Journal is built into Windows Vista, Windows 7 and Windows 8.
If you’re finding it tricky to determine which of Microsoft security patches is relevant to your organisation, you may wish to try out the company’s free and recently-introduced myBulletins service which provides a simple customised dashboard view.
More details of Microsoft’s latest security advisories can be found in the official Microsoft Security Bulletin Summary for July 2014.
Less serious flaws have also been patched in Adobe AIR.
Further details are available in Adobe’s security bulletin APSB14-17.
Adobe says it is not aware of any exploitation of the flaws in the wild, but it always makes sense to keep your copies of Adobe products updated against newly-discovered vulnerabilities.
Users are advised to check that they are running the latest version of Adobe Flash – version 22.214.171.124 – on their Windows, Mac and Linux computers. Although Adobe Flash may be configured to automatically update on many users’ computers, some users have reported that it can sometimes take days before they a security update is rolled out to them.
For that reason, you may prefer to visit Adobe’s site directly to download the latest version.
You can check which version of Flash your computer is running by visiting this page on Adobe’s site.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.