Friday saw the release of a critical out-of-band patch for Internet Explorer from Microsoft. The security update (MS12-063) addresses as many as five vulnerabilities, but none more important than the critical zero-day bug (CVE-2012-4969) that was made public by French researchers earlier this week, and one which even prompted Germany’s Federal Office for Information Security (BSI) to issue an advisory requesting German citizens to stay away from IE. The Redmond-based company has also released a security update for Adobe Flash IE 10.
You can step into the new year feeling more secure, thanks to an important security update from Microsoft. The Redmond company on Thursday issued an out-of-band security update that addresses a “critical” denial-of-service (DoS) vulnerability (CVE-2011-3414) that affects Microsoft’s ASP.NET, among other web application platforms. Hit the jump for more.
Adobe said it discovered a critical vulnerability in Adobe Flash Player that could cause a crash and potentially allow an attacker to take control of the affected system. Reports have already surfaced that the security flaw is being exploited in the wild in targeted attacks through a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. A fix is on the way, but it won't arrive until next week Adobe says.
We know it's hard to believe, but your Adobe Reader and/or Acrobat software is in need of some patching. That's according to Adobe, which is warning users of a critical vulnerability affecting Reader and Acrobat versions 9.3.4 and earlier.
That's the bad news. The even even worse news is that the vulnerability, when exploited, could crash your machine and potentially allow an attacker to seize control, Adobe says. And the really bad news is that this vulnerability is being actively exploited in the wild.
Ready for the good news? Not so fast, we haven't covered the no-good terrible news. This nasty security hole -- the one the bad guys know about and are currently exploiting -- can't yet be plugged, though if it's any consolation, Adobe promises it's "in the process of evaluating the schedule for an update to resolve this vulnerability." Comforting, isn't it?
Alright, we're finally ready for some good news, and here it is. You don't have to use Adobe products to read those PDF files. One of our favorite free alternatives is Foxit's free Reader program available here.
What do you use to read PDF documents? Hit the jump and let us know.
Enter about:config in the browser's location bar
Type jit in the Filter box
If you'd rather not mess around with about:config settings, you can still disable JIT by running Firefox in Safe Mode, which is accessible from the Mozilla Firefox folder.
Microsoft’s last Patch Tuesday of 2008 is on its way, and it’s bringing a heavy amount of updates that you’ll want to be ready for.
Yesterday Microsoft announced a whopping eight security bulletins that will be going public on December 9th. The announcement was meant to allow IT departments some prep time before the post-Monday patch fiasco. Six of the bulletins have been listed as “critical” with two posted up as “important.”
Of the patches, two of them are meant directly for Windows itself. The others are for the separate applications of Microsoft’s Office suite.