Patch

Adobe and Microsoft Patch Critical Vulnerabilities

Updated

For December's Patch Tuesday, both Microsoft and Adobe patched numerous critical vulnerabilities. Adobe (https://helpx.adobe.com/security/products/flash-player/apsb16-39.html) patched 31 vulnerabilities across 9 different product lines, including a Flash zero-day, which could lead to code execution, and which has been exploited in the wild. Microsoft (https://technet.microsoft.com/en-us/library/security/ms16-dec.aspx) patched a half-dozen critical browser vulnerabilities; most of which are remote code execution vulnerabilities.

The UCLA Information Security Office recommends that these patches be applied as soon as practical through Automatic Updates for standalone Windows workstations or through a centralized patching solution for enterprise workstations.