Wednesday, August 14, 2019

Mozilla Firefox Version 68.0.2 Released with Security Update

Firefox

Mozilla sent Firefox Version 68.0.2 to the release channel today. The update included one (1) security update, rated moderate.

As of the last check, no update is available for ESR.

Moderate

Fixed
  • Fixed a bug causing some special characters to be cut off from the end of the search terms when searching from the URL bar (bug 1560228)
  • Allow fonts to be loaded via file:// URLs when opening a page locally (bug 1565942)
  • Printing emails from the Outlook web app no longer prints only the header and footer (bug 1567105)
  • Fixed a bug causing some images not to be displayed on reload, including on Google Maps (bug 1565542)
  • Fixed an error when starting external applications configured as URI handlers (bug 1567614)
Update:  To get the update now, select "Help" from the Firefox menu, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

References


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, August 13, 2019

Adobe Flash Player Update


Adobe Flashplayer

Adobe has released Version 32.0.0.238 of Adobe Flash Player for Windows 7 and earlier, macOS, Linux and Chrome OS. The update addresses bug fixes described in the Release Notes as "Assorted functional fixes".

Note that because this is not a security update, Microsoft has not released updates to Adobe Flash Player for Microsoft Edge and Internet Explorer on 8.1/10.  The Flash Player for those browsers remains at Version 32.0.0.207, which was the security update released in June by Adobe.

Release date:  August 13, 2019
Vulnerability identifier: None
Platform:  Windows, Macintosh, Linux and Chrome OS

Update:

*Important Note:  Downloading the update from the Adobe Flash Player Download Center link includes a pre-checked option to install unnecessary extras, such as McAfee Scan Plus or Google Drive.  If you use the download center, uncheck any unnecessary extras that you do not want.  They are not needed for the Flash Player update.

    Verify Installation

    To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu. 

    Do this for each browser installed on your computer.

    To verify the version of Adobe Flash Player for Android, go to Settings/Applications/Manage Applications/Adobe Flash Player x.x.

    References



    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...









    Microsoft August 2019 Security Updates



    The August security updates have been released and consist of 93 CVEs and 2 advisories. Of these 93 CVEs, 29 are rated Critical, and 64 are rated Important in severity. None are listed as publicly known or as under active attack at the time of release but multiple bugs this month fall into the wormable category.

    The updates address Information Disclosure, Elevation of Privilege, Remote Code Execution, Denial of Service, Security Feature Bypass, Tampering and Spoofing. They apply to the following:  Microsoft Windows, Internet Explorer, Microsoft Edge, ChakraCore, Microsoft Office and Microsoft Office Services and Web Apps, Visual Studio, Online Services, Active Directory, Microsoft Dynamics.

    Known Issues:  See the Known Issues and accompanying work-around in the KB Articles:

    KB Article Applies To
    4511553 Windows 10, version 1809, Windows Server 2019
    4511872 Internet Explorer
    4512476 Windows Server 2008 SP2 (Monthly Rollup)
    4512482 Windows Server 2012 (Security-only update)
    4512486 Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Security-only update)
    4512488 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    4512489 Windows 8.1, Windows Server 2012 R2 (Security-only update)
    4512491 Windows Server 2008 SP2 (Security-only Update)
    4512497 Windows 10
    4512501 Windows 10, version 1803, Windows Server version 1803
    4512506 Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Monthly Rollup)
    4512507 Windows 10, version 1703
    4512508 Windows 10, version 1903, Windows Server version 1903
    4512516 Windows 10, version 1709
    4512517 Windows 10, version 1607, Windows Server 2016
    4512518 Windows Server 2012 (Monthly Rollup)

    Recommended Reading:  

    See Dustin Childs review and analysis in Zero Day Initiative — The August 2019 Security Update Review.

    For more information about the updates released today, see https://portal.msrc.microsoft.com/en-us/security-guidance/summary.  Updates can be sorted by OS from the search box. Information about the update for Windows 10 is available at Windows 10 Update history.

    Additional Update Notes:

    • Adobe Flash Player -- For Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1 and Windows 10, Adobe Flash Player is now a security bulletin rather than a security advisory and is included with the updates as identified above.
    • MSRT -- Microsoft released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.  Note:  Users who are paranoid about the remote possibility of a FP can opt to run this tool from a Command Prompt, appending a   /N   parameter [for "detect only" mode].
    • Servicing Stack Updates -- A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update. Learn more about SSU's in Servicing Stack Updates (SSU)
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are also available via the Microsoft Update Catalog.
    • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Windows Update History:

    References


    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...