Security News Microsoft Patches Remote Code Execution Vulnerability in Adobe Flash Player

[Solarquest]

Today Microsoft released the MS17-005 Security Update for Adobe Flash Player (4010250), which patches a remote code execution vulnerability in Adobe Flash Player. This update resolves the same vulnerabilities patched by Adobe on February 14th in their APSB17-04 update.

KB4010250 Flash Player Update
This vulnerability is labeled Critical because it could allow an attacker to remotely execute commands on the vulnerable computer. This could be done by the attacker creating specially crafted scripts on websites that then can execute commands on visiting vulnerable computers to install malware or other unwanted software.

All Windows users should immediately download and install this update to protect themselves.

 

[Winter Soldier]

I don't use Flash Player but I understand that it is annoying following the updates, however I prefer the quickness of fixing the flaws that the total absence of corrections.

 

[509322]

Disable Flash and there is no need to fret over it. How you like them apples ?

 

[Winter Soldier]

Disable Flash and there is no need to fret over it. How you like them apples ?

I agree, but unfortunately many of my colleagues are using web console that require FP.
Recently some platforms are migrating to HTML5.

 

[509322]

I agree, but unfortunately many of my colleagues are using web console that require FP.
Recently some platforms are migrating to HTML5.

Symantec still uses Oracle Java for their SEP management server... although SEP does have generic anti-exploit protections. I assume that would provide basic protection for Java.

 

[Winter Soldier]

Symantec still uses Oracle Java for their SEP management server...

Some of us use web console for the remote PLC management and programming.
Many of these applications are home coded.