Patch

Microsoft and Adobe have released security updates

Updated

Adobe and Microsoft have released several critical security updates on 7/11/17 to address vulnerabilities in Windows, Internet Explorer, Edge, Office, .NET Framework and Exchange as well as both Adobe Flash Player and Adobe Connect. 

The Windows update categorized as urgent for enterprises and corrects a critical bug (link is external) in the Windows Search Service that could be exploited remotely via the SMB file-sharing service built into both Windows workstations and servers.

Please see https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8589 for Microsoft patches per Operating System.

In addition to the Microsoft Patches released, Adobe has released security updates which if left unpatched, respectively, could lead to information disclosure, remote code execution and memory address disclosure.

Users and administrators are encouraged to review Adobe Security Bulletins APSB17-21 (link is external) and APSB17-22 (link is external) and apply the necessary updates.

The affected versions of these products are as follows:

 

Adobe Flash Player:

Adobe Flash Player Desktop Runtime

26.0.0.131 and earlier

  Windows, Macintosh and Linux

Adobe Flash Player for Google Chrome

26.0.0.131 and earlier

  Windows, Macintosh, Linux and Chrome OS

Adobe Flash Player for Microsoft Edge and IE 11      

26.0.0.120 and earlier

  Windows 10 and 8.1

 

Adobe Connect:

Adobe Connect   

9.6.1 and earlier  

Windows

 

We recommend that system administrators upgrade to the latest version of either of these products.

Adobe Flash Player 26.0.0.137 is the latest version for all platforms.

Adobe Connect 9.6.2 is the latest version.