Adobe and Microsoft have released a large number of critical security updates on August 8th, 2017, to address 48 different vulnerabilities in Windows, Internet Explorer, Edge, Microsoft SharePoint, Microsoft SQL Server, as well as Adobe Flash Player.
The Windows update corrects a security flaw in the Windows Search Service in both Windows workstations and servers.
Please see https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/b3d96835-f651-e711-80dd-000d3a32fc99 for Microsoft patches per Operating System.
Also addressed is a security flaw in internet applications that host the “WebBrowser Control” https://technet.microsoft.com/library/security/4038556.
In addition to the Microsoft Patches released, Adobe has released security updates which if left unpatched, respectively, could lead to information disclosure, remote code execution and memory address disclosure.
Users and administrators are encouraged to review Adobe Security Bulletins APSB17-24 and apply the necessary updates.
The affected versions of these products are as follows:
Adobe Flash Player
| Adobe Flash Player Desktop Runtime | All versions earlier than 26.0.0.151 | Windows, Macintosh and Linux |
| Adobe Flash Player for Google Chrome | All versions earlier than 26.0.0.151 | Windows, Macintosh and Linux |
| Adobe Flash Player for Microsoft Edge and IE 11 | All versions earlier than 26.0.0.151 | Windows, Macintosh and Linux |
Adobe Acrobat/Reader
| Adobe Acrobat/Reader DC (Continuous Track) | All versions earlier than 2017.009.20058 | Windows and Macintosh |
| Adobe Acrobat/Reader 2017 | All versions earlier than 2017.008.30051 | Windows and Macintosh |
| Adobe Acrobat DC/Reader DC | All versions earlier than 2015.006.30306 | Windows and Macintosh |
| Acrobat XI/Acrobat Reader XI | All versions earlier than 11.0.20 | Windows and Macintosh |
We recommend that system administrators upgrade to the latest version of either of these products.
Adobe Flash Player 26.0.0.151 is the latest version for all platforms.
