Microsoft and Adobe security patch round up

by Andy on November 9th, 2011 in Security Alert, Security Tips.

Microsoft have published a Security Bulletin Summary for November 2011. A number of updates have been released including one "critical" and two "important" severity updates.

The patches address remote code execution, elevation of privilege and denial of service vulnerabilities. Importantly, an update has been released to patch the critical vulnerability in the TCP/IP stack (MS11-083). Microsoft report that "the vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system."

Users are strongly advised to treat this as high priority.

Full details here.

Security updates are available here.

In other updates, Adobe have published a security patch (APSB11-27) to address critical vulnerabilities in Shockwave Player 11.6.1.629 and earlier that could allow an attacker to run malicious code on the affected system.

Adobe recommends users of Adobe Shockwave Player 11.6.1.629 and earlier versions upgrade to the newest version 11.6.3.633 available here.