Leave a comment

Get these new Microsoft security updates now to protect against Edge, Spectre and Flash critical flaws

Get these new Microsoft security updates now to protect against Edge, Spectre and Flash critical flaws

Get your update caps on, it's that time of the month everyone! Patch/Update Tuesday came and went and Microsoft and Adobe issued their usual monthly software patches to fix various vulnerabilities.

As we all know, it's important to update your software and apply the new patches as soon as possible to prevent attackers and hackers from exploiting these holes.

This time around, 15 critical bugs were identified and fixed, including a Flash vulnerability that can sneak malware into your PC.

Microsoft Browser Patches

Microsoft just rolled out this month's Patch Tuesday fixes, addressing 75 issues, including 15 critical flaws and 61 that are rated important.

The most critical patches are for Microsoft's web browsers, Internet Explorer and Edge. There are a total of 21 browser fixes with 14 of them rated critical.

The majority of the browser flaws are "scripting engine memory corruption vulnerabilities," meaning hackers can exploit the way Windows' JavaScript engine handles objects in memory. An attacker can then set up a poisoned website to execute remote code and potentially take over a computer.

Meltdown and Spectre Patches

Microsoft also included updates to its Spectre and Meltdown patches. If you can recall in January's patches, Microsoft's chip flaw fixes conflicted with certain antivirus software, so the company decided not to push nor install security updates to computers that have the affected antivirus software installed.

With this month's patches, Microsoft finally reversed that decision on Windows 10. Based on telemetry data gathered, antivirus makers have been complying with Microsoft's software change requests well enough that the conflicts are now considered rare.

Microcode updates for Intel processors are also included in this month's batch. These fixes are meant to address the buggy Spectre fixes that Intel issued earlier.

Other notable bugs that are getting a fix this month are remote code vulnerabilities in Microsoft's Credential Security Provider protocol (CVE-2018-0886) and Windows Shell (CVE-2018-0883).

Critical Adobe Flash Flaw

A critical Adobe Flash flaw is also being addressed this month. This vulnerability is deemed critical since it can allow an attacker to install malware on your computer via a poisoned website.

Basically, an attacker can simply direct you to a booby-trapped website via links, browser redirections or phishing scams to exploit Flash and run malicious code.

However, it is listed as a priority 2 update, which means that it is not being publicly exploited yet.

Flash versions earlier than 28.0.0.161 will have to be updated to protect against this flaw.

I know Flash is on its way out but if you still use it to play web videos and what-not, please update immediately!

How to update Windows

Most Windows machines are set to download and install updates automatically by default. If you haven't changed your automatic update settings then you should be fine.

But if you want to check, here's how:

Automatic Windows updates

 

On Windows 10, click Start (Windows logo), choose "Settings," select "Update & Security," then on the "Windows Update" section, click on "Advanced Options." (Note: the "Windows Update" section is also handy for showing you updates that are currently being downloaded or applied.) Under "Advanced Options," just make sure the drop down box is set to "Automatic."

If you have an older Vista or Windows 7 system, check out our tips on how to set up and check Windows Updates.

Update Adobe Flash

Adobe Flash updates are included in Microsoft's Windows updates.

For Chrome, Internet Explorer 11, and Microsoft Edge browsers, the updates should be applied automatically after a restart. For other browsers, you may need to update the Flash plugin manually.

--> Click here to use our Adobe Flash Update Tool guide for download and install instructions.

The latest Flash Player version for Windows, Mac, Chrome, Microsoft Edge and Internet Explorer 11 and Linux is 28.0.0.161.

In related news, Windows 10 users need to know this huge security warning from Microsoft

Cryptojacking is a growing problem. It's such a threat nowadays that Microsoft is officially warning Windows 10 users about it. Click here to read more.

Next Story
Windows 10 users need to know this huge security warning from Microsoft
Previous Happening Now

Windows 10 users need to know this huge security warning from Microsoft

Pregnant mothers can 3-D print an eerily life-like model of their unborn child so they can hold it before birth
Next Happening Now

Pregnant mothers can 3-D print an eerily life-like model of their unborn child so they can hold it before birth

View Comments ()