Adobe Fixes 7 Serious Flash Flaws with Update
CREDIT: Adobe Systems Inc.
Adobe Systems has pushed seven security updates to its Flash Player to protect users from remote attacks, memory corruption and system crashes.
The move came one week ahead of Microsoft's monthly "Patch Tuesday," which will provide the same protection for Windows 8 and Internet Explorer 10 users. But it's the last time the timing of an Adobe update will disregard Microsoft's monthly update cycle.
This update patches seven remote-execution vulnerabilities Adobe deemed critical. It is available on Adobe's website, where users can select the appropriate installation file for their operating system. (Chrome users can just kick back; the update is automatically pushed to Google's browser.)
Windows users who like Internet Explorer in addition to other browsers may need to update twice, Brian Krebs pointed out on his blog. An IE 10 update for Windows 8 users is in Windows Update and on Microsoft's site.
Adobe announced yesterday (Nov. 6) that it would update its notoriously buggy and aggravating Flash Player in sync with Microsoft's monthly update. As many security and tech experts speculated, that move was inevitable once Microsoft decided to bake Flash into Internet Explorer 10.
Microsoft pushes out updates and security fixes on the second Tuesday of every month, but Flash users are encouraged to take Adobe's update as quickly as possible.
Adobe was the subject of much scrutiny this summer after a couple of major security problems left tens of millions of users vulnerable to zero-day exploit attacks. Adobe was forced to issue rapid-fire updates, causing confusion and frustration among many of its customers and partners.
Although it will create more work for IT departments at least one day each month, the synchronization with Microsoft was praised by IT professionals.
"In a few months, the Flash update will just be a regular part of the Patch Tuesday cycle," Andrew Storms, security director at nCircle Security, told Computerworld. "The move is going to force Adobe to get into a regular cycle with repeatable processes that their end users will come to recognize and appreciate."