Adobe Security Bulletins

siljaline · May 13, 2014

Adobe Sandbox Version XI (11.0.07) is now available:
Wilders TOS does not allow us to point at the Adobe FTP.
Please ensure you deselect all third party offerings.
http://get.adobe.com/reader/

The Security Bulletin has also been amended to reflect recent changes:
http://helpx.adobe.com/security/products/reader/apsb14-15.html

ronjor · May 13, 2014

Security updates available for Adobe Flash Player

Release date: May 13, 2014

Vulnerability identifier: APSB14-14

Priority: See table below

CVE number: CVE-2014-0510, CVE-2014-0516, CVE-2014-0517, CVE-2014-0518, CVE-2014-0519, CVE-2014-0520

Platform: All Platforms
Summary

Adobe has released security updates for Adobe Flash Player 13.0.0.206 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.356 and earlier versions for Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe recommends users update their product installations to the latest versions:
Click to expand...

http://helpx.adobe.com/security/products/flash-player/apsb14-14.html

ronjor · May 14, 2014

Security hotfix available for Adobe Illustrator (CS6)

Release date: May 13, 2014

Vulnerability identifier: APSB14-11

Priority: See table below

CVE number: CVE-2014-0513

Platform: Windows and Macintosh
Summary

Adobe has released a security hotfix for Adobe Illustrator (CS6) for Windows and Macintosh. This hotfix addresses a vulnerability that could be exploited to gain remote code execution on the affected system. Adobe recommends users update their product installations using the instructions provided in the “Solution” section below.
Click to expand...

http://helpx.adobe.com/security/products/illustrator/apsb14-11.html

siljaline · Jun 10, 2014

Security updates available for Adobe Flash Player
See table below
CVE number: CVE-2014-0531, CVE-2014-0532, CVE-2014-0533, CVE-2014-0534, CVE-2014-0535, CVE-2014-0536
Platform: All Platforms

https://helpx.adobe.com/security/products/flash-player/apsb14-16.html

siljaline · Jun 11, 2014

See also:
http://helpx.adobe.com/en/flash-player/release-note/fp_14_air_14_release_notes.html

siljaline · Jul 7, 2014

Adobe will surely release a new version of Flash Player
There are currently no bulletins released that would indicate Adobe intends on doing this but this has been the trend over the last months.

Beware of added offers per screenshot - ensure you always opt-out of these.

anon · Jul 8, 2014

Adobe Flash Player v.14.0.0.145 released today.

Release Notes: http://helpx.adobe.com/flash-player/release-note/fp_14_air_14_release_notes.html
--------------------------

Security updates available for Adobe Flash Player
Release date: July 8, 2014
Vulnerability identifier: APSB14-17
http://helpx.adobe.com/security/products/flash-player/apsb14-17.html
---------------------------

Adobe Flash Player version check:
http://www.adobe.com/software/flash/about/

JRViejo · Jul 8, 2014

Users of Google's Chrome and Microsoft's Internet Explorer 10 (IE10) and IE11 can rest easy today knowing that their browsers will automatically update to the latest version of Adobe Flash, which will block a credential-stealing attack disclosed earlier in the day.

Those who rely on Apple's Safari, pre-IE10 editions of IE, Mozilla's Firefox and Opera Software's Opera, however, should hustle to the Adobe website to download and install the latest version of Flash, security experts advised.
Click to expand...

Patch alert: Update browsers' Flash ASAP to block log-on theft by Gregg Keizer.

Thankful · Jul 9, 2014

JRViejo said: ↑

Patch alert: Update browsers' Flash ASAP to block log-on theft by Gregg Keizer.
Click to expand...

In theory, yes. However, had to update IE 11 manually.
Still waiting for Chrome plugin to update.

JRViejo · Jul 9, 2014

Thankful said: ↑

In theory, yes. However, had to update IE 11 manually.
Click to expand...

Thanks for that news! I run Firefox, not IE, and your comment will hopefully help those who do.

FleischmannTV · Jul 9, 2014

Still waiting for Chrome plugin to update.
Click to expand...

All hail the mighty Chrome component updater. It's magic. Nobody knows how it works and when it decides to update, you can't even force it. Not even Google. Pure awesome. Everytime a component update is posted on googlechromereleases.blogspot.de, there are dozens of complaints from users that nothing is happening, in some cases for days. No reaction from Google.

FanJ · Jul 10, 2014

Thankful said: ↑

In theory, yes. However, had to update IE 11 manually.
Click to expand...

Hi,
Isn't it the "problem" that the start of the article by Gregg Keizer is slightly misleading:

Users of Google's Chrome and Microsoft's Internet Explorer 10 (IE10) and IE11 can rest easy today knowing that their browsers will automatically update to the latest version of Adobe Flash, which will block a credential-stealing attack disclosed earlier in the day.
Click to expand...

That start of the article doesn't speak about different versions of Windows. Later on in the article he does:

As Kandek noted, Microsoft and Google bake Flash into their browsers and so take on the responsibility of updating their software whenever Adobe issues security patches, as it did today. IE10 on Windows 8 and IE11 on Windows 8.1 -- the versions for the "Metro" mode -- include Flash; Windows 7 users must update Flash Player separately, however, as must those running Windows 8 or Windows 8.1 on the classic Windows desktop.
Click to expand...

And the article doesn't speak about your update settings for Flash.

On my Win 7, with IE 11, with automatically updating disabled in Flash, I manually install a new Flash version.

siljaline · Jul 10, 2014

IE 11 under Windows 7 has to be patched manually regardless of what anyone says.
If you do not do this - you get no Adobe Flash Patches.
Also see:
https://technet.microsoft.com/library/security/2755801

ronjor · Jul 10, 2014

https://www.wilderssecurity.com/threads/microsoft-security-advisory-2755801.335467/

siljaline · Jul 10, 2014

ronjor said: ↑

https://www.wilderssecurity.com/threads/microsoft-security-advisory-2755801.335467/
Click to expand...

Yup, I know they're there, this was in context to the thread reply.

anon · Aug 12, 2014

Adobe Flash Player v.14.0.0.176 released.

Security updates available for Adobe Flash Player
Release date: August 12, 2014
Vulnerability identifier: APSB14-18

http://helpx.adobe.com/security/products/flash-player/apsb14-18.html
Click to expand...

anon · Aug 12, 2014

Adobe Reader XI v.11.0.8

Security Updates available for Adobe Reader and Acrobat
Release date: August 12, 2014
Vulnerability identifier: APSB14-19

http://helpx.adobe.com/security/products/reader/apsb14-19.html
Click to expand...

11.0.08 Out of cycle update, Aug 12, 2014

This release is an out of cycle security update for Windows.

http://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotes/11/11.0.08.html#elevenzerozeroeight
Click to expand...

siljaline · Aug 13, 2014

Adobe Reader reintroduces MSCONFIG item "AdobeARM.exe" - this is a user choice entry.
http://www.systemlookup.com/Startup/20618-AdobeARM_exe.html

siljaline · Sep 4, 2014

Prenotification Security Advisory for Adobe Reader and Acrobat | Vulnerability identifier: APSB14-20

Adobe is planning to release security updates on Tuesday, September 9, 2014 for Adobe Reader and Acrobat for Windows and Macintosh.
Click to expand...

http://helpx.adobe.com/security/products/reader/apsb14-20.html

anon · Sep 6, 2014

Sept 2014: No Security updates for Adobe Flash Player

Adobe slates critical Reader security update for Tuesday
Will patch both Reader and Acrobat, but will not fix Flash this month, a first for 2014
..
...
But it won't be updating Flash Player, its ultra-popular media playing program. If that holds through the end of the month -- if Adobe does not have to issue an "out-of-cycle," or emergency, patch -- it would be a first for 2014.
..
..
Adobe Flash Player, which is more widely installed and used than Reader, will not be patched next week. Since the start of 2014, Adobe has released 10 security updates for the frequently-targeted Flash Player, with at least one each month.
..
..
http://www.computerworld.com/articl...tical-reader-security-update-for-tuesday.html
Click to expand...

siljaline · Sep 7, 2014

We could probably depend on it (a Flash Player release) despite what Gregg Keizer said.

So sayeth Larry Seltzer -

It has also become popular for other companies, most prominently Adobe, to release security updates for their own products on that day.
Click to expand...

As has Adobe been notorious for releases without service bulletins or advance notice.

anon · Sep 9, 2014

siljaline said: ↑

Prenotification Security Advisory for Adobe Reader and Acrobat | Vulnerability identifier: APSB14-20

Adobe is planning to release security updates on Tuesday, September 9, 2014 for Adobe Reader and Acrobat for Windows and Macintosh.
Click to expand...

http://helpx.adobe.com/security/products/reader/apsb14-20.html
Click to expand...

Postponed=

UPDATE: Upcoming Security Updates for Adobe Reader and Acrobat (APSB14-20)

UPDATE: The security update for Adobe Reader and Acrobat has been re-scheduled from September 9, 2014 to the week of September 15, 2014. This delay was necessary to address issues identified during routine regression testing.

A prenotification Security Advisory has been posted in regards to upcoming Adobe Reader and Acrobat updates scheduled for Tuesday, September 9, 2014.

We will continue to provide updates on the upcoming release via the Security Advisory as well as the Adobe PSIRT blog.

http://blogs.adobe.com/psirt/?p=1121
Click to expand...

Prenotification Security Advisory for Adobe Reader and Acrobat
Release date: September 4, 2014
Last updated: September 8, 2014
Vulnerability identifier: APSB14-20
http://helpx.adobe.com/security/products/reader/apsb14-20.html
Click to expand...

anon · Sep 9, 2014

anon said: ↑

Sept 2014: No Security updates for Adobe Flash Player
Click to expand...

Adobe Flash Player v.15.0.0.152 released today.
link removed as per forum notice
https://www.wilderssecurity.com/threads/adobe-flash-player-v11-4-402-278.332454/

http://www.adobe.com/software/flash/about/

Victek · Sep 9, 2014

anon said: ↑

Adobe Flash Player v.15.0.0.152 released today.

link removed as per forum notice
https://www.wilderssecurity.com/threads/adobe-flash-player-v11-4-402-278.332454/

http://www.adobe.com/software/flash/about/
Click to expand...

I couldn't find release info. Any idea what's different/new in v15?

prius04 · Sep 9, 2014

Victek said: ↑

I couldn't find release info. Any idea what's different/new in v15?
Click to expand...

http://helpx.adobe.com/flash-player/release-note/fp_15_air_15_release_notes.html

Log in or Sign up

Adobe Security Bulletins

siljaline Registered Member

ronjor Global Moderator

ronjor Global Moderator

siljaline Registered Member

siljaline Registered Member

siljaline Registered Member

anon Registered Member

JRViejo Super Moderator

Thankful Savings Monitor

JRViejo Super Moderator

FleischmannTV Registered Member

FanJ Updates Team

siljaline Registered Member

ronjor Global Moderator

siljaline Registered Member

anon Registered Member

anon Registered Member

siljaline Registered Member

siljaline Registered Member

anon Registered Member

siljaline Registered Member

anon Registered Member

anon Registered Member

Victek Registered Member

prius04 Registered Member

Log in or Sign up

Adobe Security Bulletins

siljaline Registered Member

ronjor Global Moderator

ronjor Global Moderator

siljaline Registered Member

siljaline Registered Member

siljaline Registered Member

anon Registered Member

JRViejo Super Moderator

Thankful Savings Monitor

JRViejo Super Moderator

FleischmannTV Registered Member

FanJ Updates Team

siljaline Registered Member

ronjor Global Moderator

siljaline Registered Member

anon Registered Member

anon Registered Member

siljaline Registered Member

siljaline Registered Member

anon Registered Member

siljaline Registered Member

anon Registered Member

anon Registered Member

Victek Registered Member

prius04 Registered Member

Useful Searches