As expected earlier today Microsoft and Adobe released their scheduled monthly security updates.
This month sees four known issues listed for this months updates all relating to the AMD Carrizo processor experiencing an issue which prevents the installation of future Windows Updates. Microsoft states in all four knowledge base articles (listed below) they are aware of this issue and are working to resolve it in upcoming updates:
At the time of writing the IT Pro Patch Tuesday blog does not list any Known Issues (although it has not been updated since November 2016, I’m unsure why).
Adobe issued five security bulletins today affecting the following products:
Adobe Campaign (1x priority 2 CVE)
Adobe Flash Player (7x priority 1 CVEs)
Adobe Acrobat and Reader (47x priority 2 CVEs)
Adobe Photoshop (2x priority 3 CVEs)
Adobe Creative Cloud Desktop (2x priority 3 CVEs)
The priority ratings are explained in this link. Depending on which version of Flash Player you have, please review the Adobe security bulletin or Microsoft bulletin as appropriate and apply the recommended updates. Google Chrome users will have the updated version installed automatically later this week.
If you use any of the above-mentioned Adobe products, please review the security bulletins linked to above and apply the necessary updates. The Flash update should be installed as soon as possible since exploit kits (defined) tend to take advantage of newly disclosed vulnerabilities very quickly.
You can monitor the availability of security updates for most your software from the following websites (among others) or use Secunia PSI:
US Computer Emergency Readiness Team (CERT) (please see the “Information on Security Updates” heading of the “Protecting Your PC” page):
A further useful source of update related information is the Calendar of Updates. News/announcements of updates in the categories of General Software, Security Software and Utilities are available on their website. The news/announcements are very timely and (almost always) contain useful direct download links as well as the changes/improvements made by those updates (where possible).
If you like and use it, please also consider supporting that entirely volunteer run website by donating.
If you use any of the above software, please install the appropriate updates as soon as possible. Steps for installing updates for Windows are provided on the “Protecting Your PC” page.
For the Microsoft updates this month, I will prioritize the order of installation for you below:
Microsoft Office and Windows WordPad (due to a previously disclosed zero day vulnerability (defined))
Microsoft .Net Framework
Install the remaining updates at your earliest convenience.
As always you can find detailed information on the contents of each security bulletin within ComputerWorld’s Patch Tuesday Debugged column.
Another security pre-caution that you may wish to take if you have Microsoft EMET (please ensure your version of EMET is the most recent version 5.52) installed is to use it to protect you from Adobe Flash being used to exploit vulnerabilities when you open a Microsoft Office document or Adobe PDF file. I provide recommendations of how to do this at the end of the July 2015 Update Summary. Please note that Microsoft EMET will be out of support on the 31st of July 2018.
As is my standard practice, I would recommend backing up the data on any device for which you are installing updates to prevent data loss in the rare event that any update causes unexpected issues.