HP has confirmed that it’s Synaptics Touchpad Driver has a vulnerability that can allow it to be used as a keylogger and has posted a fix: HP Security Bulletin. Scroll down the page for your HP or Compaq model under Product Name and install the software update from the link to the right of the entry that corresponds to your HP/Compaq model.
If you have QuickTime installed on your PC you’ll need to uninstall it without delay. According to a blog post at Trend Micro, there are two zero day vulnerabilities related to QuickTime that Apple will not be patching because it is ending support for QuickTime on Windows.
Adobe is again issuing updates to it's Flash and Reader programs to prevent malware from having the upper hand. While it may seem like a hassle to have to keep updating Flash and Reader, it is important to keep these programs updated because they are becoming the preferred target of Malware trying to make it's way into our computers.
The Adobe Reader update that we have been waiting almost a month for has finally arrived.
Adobe has has updated it's Reader Software to version 9.3. This version patches a JavaScript vulnerability that is considered critical and everyone that uses Adobe Reader software is strongly urged to update at once.
A new vulnerability has been found in Adobe Reader and Adobe Acrobat. In order to stay protected until a patch is issued, Adobe recommends that users disable JavaScript in these programs.
Disabling JavaScript is a fast, simple procedure. From within Adobe Reader, go to Edit, choose Preferences, then on the left-side of the window, click JavaScript. Uncheck Enable Acrobat JavaScript, then click OK.
Adobe is expected to issue a patch for this vulnerability during the second week of January. Until then, you can stay protected by disabling JavaScript.
Adobe has issued a new security update for Adobe Flash. The new version, 10.0.42.34, fixes a vulnerability that could allow an attacker to take control of an affected PC.
If you use other browsers besides Internet Explorer, download and install both updated Flash Players (One is for IE and the second is for all other browsers).
Yesterday, Microsoft took the unusual step of releasing two emergency updates, one for a Critical Vulnerability in Internet Explorer and another for Visual Studio. It is rare for Microsoft to deviate from it's monthly patch schedule, which should give you an idea of how important this particular update is. Normally, patches are issued once a month (on the second Tuesday).
Adobe is warning about a Critical Vulnerability in Adobe Acrobat and Adobe Reader. Until a patch is issued, be wary of any PDFs posted online or received unexpectedly via email. If a malicious PDF file is opened, the vulnerability will allow malicious files to be silently downloaded onto your system. According to reports, this vulnerability is already being exploited.
Just as it's important to visit Windows Updates on a regular basis or have Automatic Updates enabled, it's also necessary to run the latest versions of software to ensure that your PC is protected. Of particular importance is always running the latest versions of Flash Player, Java, Adobe Reader and QuickTime. They have all experienced vulnerabilities in the past that have allowed PCs to become compromised while running the vulnerable versions.
It seems that lately there have been a lot of security vulnerabilities found in many of the most commonly used software. Unfortunately, many of us don't have the time (or desire) to go through all our installed software looking for updates just to stay safe online.