Flash Security Vulnerability

Adobe announced October 15th that they issued a patch to fix a zero day security vulnerability. Adobe had warned about the  security vulnerability previous week. A zero day security vulnerability is a hole, or security vulnerability in the software that hackers are currently exploiting. This security vulnerability exists before the vendor issues a patch. Flash has been riddled with such vulnerabilities. You should either be very vigilant in patching, or just turn it off altogether in your browser.  How to disable flash if you are using chrome:

This procedure is essentially the same if you are using Windows, Linus, Chrome OS or a MAC and can be reversed if needed.

Type “chrome:plugins” into the address bar

Look for the “Flash” listing: on the on the Plug-ins page

Select to disable flash, and if you need it for a specific website that you trust, you can enable it again.

If you don’t even want to mess with it, flash can be uninstalled from the add/remove programs panel.

You can also use the two browser method, one browser that you use every day, with flash disabled, and a second one like Firefox that has Flash enabled, for sites that have to have it.

The latest version of Flash is 19.0.0.226 and you may get it at the Flash home page, or of you are one of Aavex’s Managed Service Clients, don’t worry, we have already updated it for you!

Java Security Vulnerability

Oracle released a patch that fixes at least 25 security vulnerabilities. Oracle reports that only one of the vulnerabilities need authentication. Twenty-four  or more, may be remotely exploitable on your computer without any authentication. This can be done by simply visiting a website, or selecting a link in an email.

This is very important. Update your Java as soon as possible. The version with the fixes is Java 8 update 65. You may obtain this update from the Java control panel. You may also download it from https://www.java.com/en/  If you have a Managed Service Contract with Aavex, don’t worry, we have taken care of it for you.

If you think your company has had a security breach  contact Aavex Technology to schedule a Vulnerability Assessment. 630-365-0025