June, 2015: Patch Monday: Adobe and Chrome

Welcome to this June Patch Monday bulletin. This is a relatively light month for patching and there do not appear be active attacks against any of the software in the bulletin this month. Start this month with Adobe Flash and Air due to a large number of vulnerabilities that are patched and could allow arbitrary code execution. Google Chrome has updated the browser to include an updated version of Flash so apply this patch if Chrome is in the environment. Adobe has also released patches for Photoshop and Bridge. Exploiting this software could lead to arbitrary code execution so it is important to be aware of this software in your environment and patch accordingly. This is a great month to examine the patch management program to find out how to deliver patches more efficiently.

One of the most frequent complaints I hear from you folks is “We need a SIEM but can't afford the big enterprise solutions.” And as a tech-heavy small business owner I truly understand the need for software that installs in minutes and doesn't require a ton of planning, learning, design and professional services before you start getting results. So I recently reviewed a fast, easy and affordable SIEM and Log Management solution that I think deserves your attention. Read the blog about it here.

Easily patch the servers, desktops, and laptops in your Windows environment with SolarWinds Patch Manager. Download a free fully functional 30 day trial of SolarWinds Patch Manager.

  • Centrally deploy patches to physical & virtual Windows® desktops & servers with pre-built, tested patches from vendors such as Adobe®, Apple®, Google®, Mozilla®, Oracle® & others
  • Decrease security risks & service performance degradation by controlling when & where patches are applied
  • View the patch status of mission-critical servers with an intuitive patch status dashboard
  • Pass audits and demonstrate compliance with out-of-the-box reports and dashboard views
  • Extend your WSUS or SCCM patch management environment to apply common 3rd-party patches for Adobe®, Apple®, Google®, Mozilla®, and Oracle® Java™ management solution

Click here to find out more about SolarWinds Patch Manger.

So, without further ado, here’s the chart of non-MS patches that affect Windows platforms in the past month. 

Patch data provided by:

Identifier

Vendor/Product

Product Version Affected

Date Released by Vendor

Vulnerability Info

Vendor
Severity / Our Recommendation

APSB15-11 Adobe Flash

Win/Mac
17.0.0.188 and earlier
Win/Mac ESR
13.0.0.289 and earlier
Linux 11.2.202.460 and earlier

6/9/2015 Arbitrary Code Execution Critical: Priority 1/ Upgrade within 72 hours
APSB15-11 Adobe Air Win/Mac
17.0.0.172 and earlier
6/9/2015 Arbitrary Code Execution Critical: Priority 3/ Upgrade at admin’s discretion
APSB15-12 Adobe Photoshop Win/Mac
Before 16.0 (2015.0.0)
6/16/2015 Arbitrary Code Execution Critical: Priority 3/ Upgrade at admin’s discretion
APSB15-13 Adobe Bridge Win/Mac
Before 6.11
6/16/2015 Arbitrary Code Execution Critical: Priority 3/ Upgrade at admin’s discretion
 
43.0.2357.124 Google Chrome Win/Mac
Before 43.0.2357.124
Linux
43.0.2357.125
6/11/2015 Arbitrary Code Execution (Updated Flash) Update as soon as possible


Send me this chart next Patch Tuesday.
Email:
We will not share your address. Unsubscribe anytime.