April, 2016: Patch Monday: Active Attacks for Adobe Flash

Before you do anything, get rid of QuickTime. See my blog article about this threat.

Welcome to the April Patch Monday Bulletin. Quite a few vulnerabilities were patched this month for Adobe, Google and Oracle products. A vulnerability in Adobe Flash (CVE-2016-1019) is being actively attacked this month and should be the top priority. Exploitation of this vulnerability may result in denial of service or arbitrary code execution, so it is important to test and roll out this patch as soon as possible.

Adobe also released patches for four other products: Air, Analytics for Flash Library, RoboHelp Server and the Creative Cloud Desktop Application. If any of these products are in use, it is a good idea to test and apply those patches as well. Google released several stable updates to Chrome this month that remediate numerous vulnerabilities. Finally, this month brings the second quarterly Oracle Critical Patch Update. There were 9 vulnerabilities patched for Java this month, in addition to the out-of-band patch for CVE-2016-0636 in March. If Java was not patched last month, patch it next, right after Flash.

Take this month to review browser configurations that may mitigate Flash exploits, such as removing Flash if it is not necessary or enabling click-to-play instead of letting Flash run automatically.



| Identifier | Vendor/Product | Product Version Affected | Date Released by Vendor | Vulnerability Info | Vendor Severity / Our Recommendation |
|---|---|---|---|---|---|
| CVE-2016-1036 | Adobe Analytics for Flash Library | 4.0 and earlier | 4/21/2016 | Cross Site Scripting | Important: Priority 2 / Upgrade within 30 days |
| CVE-2016-1035 | Adobe RoboHelp Server | 9.01 | 4/12/2016 | Information Disclosure | Critical: Priority 2 / Upgrade within 30 days |
| CVE-2016-1034 | Adobe Creative Cloud Desktop Application | 3.5.1.209 and earlier | 4/12/2016 | Remote Arbitrary Read/Write | Important: Priority 2 / Upgrade within 30 days |
| Multiple CVEs | Adobe Flash | Win/Mac: 21.0.0.197 and earlier; Win/Mac ESR: 18.0.0.333 and earlier; Linux: 11.2.202.577 and earlier | 4/7/2016 | Arbitrary Code Execution, Denial of Service, Security Bypass | Critical: Priority 1 / Upgrade as soon as possible |
| Multiple CVEs | Adobe Air | Win/Mac: 21.0.0.176 and earlier | 4/7/2016 | Arbitrary Code Execution, Denial of Service, Security Bypass | Critical: Priority 3 / Upgrade at admin's discretion |
| Multiple CVEs | Google Chrome | Win: Before 50.0.2661.87; Mac/Linux: 50.0.2661.86 | 4/20/2016 | Cross Site Scripting, Denial of Service, Security Bypass, Spoofing, Information Disclosure | Update as soon as possible |
| Multiple CVEs | Oracle Java | Java SE 6u113, 7u99, 8u77 | 4/19/2016 | Multiple Remotely Exploitable Vulnerabilities | Update as soon as possible |

