Microsoft issues Flash update to patch remote code execution

The update relates to a hole in platforms including Windows 8.1, Windows RT 8.1, Windows 10, and Windows Server 2016

Update key

Microsoft has released a critical update to Adobe Flash Player, which could allow hackers to use it to perform remote code execution processes if left unpatched.

"This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016," the advisory said.

Advertisement - Article continues below

Microsoft added that the update should be installed immediately, but will require a restart to action it.

The update was supposed to be rolled out in last Tuesday's Patch Tuesday security update, but that was delayed due to a "last minute issue." The updates scheduled for release will now be rolled out in the March 14th update instead.

However, this part of the update has appeared much sooner, presumably because it could cause big issues if left unpatched.

The other major update due to be released last week was a zero-day flaw in the SMB file sharing protocol, but the company has, as yet, failed to fix that yet and it's unlikely we'll see a fix until 14 March.

Microsoft issued another security update to the Adobe Flash player last year, which fixed a vulnerability designated 'CVE-2016-7855', which, like this vulnerability, could give hackers access to machines running Windows 7 onwards.

Advertisement
Advertisement - Article continues below

"Adobe is aware of a report that an exploit exists in the wild, and is being used in limited, targeted attacks against users running Windows versions 7, 8.1 and 10," said Adobe in a blog post at the time.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Recommended

Visit/operating-systems/microsoft-windows/355105/microsoft-puts-windows-development-on-lockdown
Microsoft Windows

Microsoft puts Windows development on lockdown

25 Mar 2020
Visit/software/backup-software/355104/windows-file-history-and-backup-review-useful-but-limited
backup software

Windows File History and Backup review: Useful but limited

25 Mar 2020
Visit/network-internet/web-browser/355101/microsoft-halts-edge-browser-updates-in-light-of-coronavirus
web browser

Microsoft halts Edge browser updates in light of coronavirus pandemic

24 Mar 2020
Visit/cloud/355077/microsoft-prioritises-extra-azure-capacity-for-key-customers
Cloud

Microsoft prioritises extra Azure capacity for 'key customers'

23 Mar 2020

Most Popular

Visit/mobile/mobile-phones/355088/apple-lifts-iphone-purchase-restrictions
Mobile Phones

Apple lifts iPhone purchase restrictions

23 Mar 2020
Visit/operating-systems/microsoft-windows/355105/microsoft-puts-windows-development-on-lockdown
Microsoft Windows

Microsoft puts Windows development on lockdown

25 Mar 2020
Visit/security/data-breaches/355097/ge-employees-hit-by-canon-data-breach
data breaches

General Electric employees hit by Canon data breach

24 Mar 2020
Visit/cloud/355098/ibm-dedicates-supercomputing-power-to-coronavirus-researchers
high-performance computing (HPC)

IBM dedicates supercomputing power to coronavirus research

24 Mar 2020