Microsoft issues Flash update to patch remote code execution

The update relates to a hole in platforms including Windows 8.1, Windows RT 8.1, Windows 10, and Windows Server 2016

Update key

Microsoft has released a critical update to Adobe Flash Player, which could allow hackers to use it to perform remote code execution processes if left unpatched.

"This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016," the advisory said.

Microsoft added that the update should be installed immediately, but will require a restart to action it.

The update was supposed to be rolled out in last Tuesday's Patch Tuesday security update, but that was delayed due to a "last minute issue." The updates scheduled for release will now be rolled out in the March 14th update instead.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

However, this part of the update has appeared much sooner, presumably because it could cause big issues if left unpatched.

The other major update due to be released last week was a zero-day flaw in the SMB file sharing protocol, but the company has, as yet, failed to fix that yet and it's unlikely we'll see a fix until 14 March.

Microsoft issued another security update to the Adobe Flash player last year, which fixed a vulnerability designated 'CVE-2016-7855', which, like this vulnerability, could give hackers access to machines running Windows 7 onwards.

"Adobe is aware of a report that an exploit exists in the wild, and is being used in limited, targeted attacks against users running Windows versions 7, 8.1 and 10," said Adobe in a blog post at the time.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/infrastructure/server-storage/354508/synology-flashstation-fs3400-same-old-same-old
Server & storage

Synology FlashStation FS3400: Same old, same old

9 Jan 2020
Visit/cloud/cloud-computing/354478/microsoft-has-an-edge-on-aws-according-to-it-executives
cloud computing

Microsoft has an edge on AWS, according to IT executives

8 Jan 2020
Visit/hardware/354336/the-it-pro-products-of-the-year-2019-all-the-years-best-hardware
Hardware

The IT Pro Products of the Year 2019: All the year’s best hardware

24 Dec 2019
Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Most Popular

Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/hardware/laptops/354533/dell-xps-13-new-9300-hands-on-review-chasing-perfection
Laptops

Dell XPS 13 (New 9300) hands-on review: Chasing perfection

14 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020