The second Tuesday of the month is upon us, and that means it’s once again time to get your patches on, people (at least for readers running Windows or Adobe products). Microsoft today pushed out nine patch bundles to plug security holes in Windows and its other products. Separately, Adobe issued updates for its Flash and Shockwave media players that address four distinct security holes in each program.
Microsoft called special attention to a cumulative update for Internet Explorer that fixes two critical vulnerabilities present in virtually every version of IE ever produced, including IE 9, 10 and IE on Windows RT, the operating system for mobile devices and tablets.
The other critical patch in the bunch addresses a dangerous vulnerability in the Windows Remote Desktop Client, which allows systems to be managed remotely. For a rundown of the other updates released today, check out the Qualys blog, the Microsoft Security Bulletin Summary for April 2013 and the Microsoft Security Response Blog.
Adobe’s update brings Adobe Flash Player to v. 11.7.700.169 on Windows and Mac devices (the latest version numbers for other operating systems are listed in the chart below). Internet Explorer 10 and Google Chrome should automatically update to the latest version. Google has already pushed out the Flash update with Chrome v. 26.0.1410.63 for Mac and Linux, and v. 26.0.1410.64 for Windows; if your Chrome version isn’t at the latest (you can check which version by clicking the customize tab to the right of the address bar and then “About Google Chrome’), try closing and restarting the browser. Continue reading →