Microsoft
This month’s Patch Tuesday brings with it 13 security
bulletins. Microsoft has labeled 3 of
them as critical affecting Windows 7, 8.1 and Windows 10 preview.
Probably the most critical of the security bulletins is for
Internet Explorer. Many vulnerabilities
have been addressed to prevent remote code execution when visiting targeted
websites. To check this update please
click here. MS15-043
The second critical update is to correct Microsoft’s font
drivers. This protects against remote
code execution if you were to open a specially crafted document or webpage that
contains embedded True Type fonts. MS15-044
The third bulletin deemed critical is in connection with the
Windows Journal. Specially crafted
Journal files could cause remote code execution if a user were to open them. SM15-045
Further details on other updates can be found here Microsoft
Security Bulletin
Adobe Patches
This month’s Adobe patches are for 34 vulnerabilities in
versions Acrobat X, Acrobat XI, Reader X and Reader XI. These patches are for vulnerabilities in
relation to bypassing restrictions in JavaScript API execution because of how
they are or can be used in exploiting vulnerabilities. The ability to execute JavaScript code gives
attackers insight into getting memory arrangements to create memory corruption
bugs.
Adobe Flash Player also received an update for
vulnerabilities that would allow for code execution. The update addresses memory corruption
weaknesses. There is also an update for
two memory leak issues that may lead to information disclosure. Further,
updates were released for a condition that bypasses Internet Explorer’s
protected mode and one that would allow an attacker to write data to a file
system with the same permission as the user.
For more information on Adobe updates Adobe
Security Bulletin
Contact us to find out how you can become "Proactive" instead of "Reactive".
