On Tuesday the 14th of April Microsoft made available its anticipated security updates resolving 26 CVEs. The individual products affected are detailed in the Security Bulletin Summary. Any Known Issues are also summarized there.
In addition, Adobe also made available updates for Flash Player, ColdFusion and Adobe Flex. Further details are available in the Adobe PSIRT blog post. 24 CVEs in total were resolved.
Oracle (includes Oracle Java) (98 CVEs resolved), Google Chrome (45 security fixes) and VideoLAN VLC for Windows (1 CVE resolved) were also updated last week. For VLC I would recommend that you update to 2.2.1 if you have not already done so since 2.2.0 also included fixes for 5 other CVEs.
You can monitor the availability of security updates for the majority of your software from the following websites (among others) or use Secunia PSI:
—————-
Security Updates Calendar (as mentioned within the heading “Information on Security Updates” within the Protecting Your PC page):
http://www.calendarofupdates.com/updates/index.php?act=calendar
US Computer Emergency Readiness Team (CERT) (as mentioned within the heading “Information on Security Updates” within the Protecting Your PC page):
https://www.us-cert.gov/
—————-
If you use any of the above software, please install the appropriate updates as soon as possible. I would like to mention that Microsoft’s MS15-034 update should be prioritized for installation before all other updates due to its severity and ease of exploitation.
As a routine precaution I would recommend backing up the data on any device for which you are installing updates in order to prevent data loss in the rare event that any update causes unexpected issues.
Thank you.
securityinaction 