August 2010 Security Updates

August 2010 has been a busy month for Windows security updates...

# Microsoft Windows 7, Windows Vista and Windows XP:

Microsoft releases security updates on the second Tuesday of every month. Tuesday 10th August 2010 Microsoft released 14 new security updates (6 critical and 8 important) that plug 34 vulnerabilities. This is a wide breadth of urgent patches, do not delay in using Windows/Microsoft update to install the required patches for your PC.

7 updates for Microsoft Windows
2 updates for Microsoft Office
1 update for Windows Media Player
1 update for Windows Server
1 update for Microsoft XML
1 update for Internet Explorer
1 update for .NET Framework

However NOT all users will require EVERY patch.

For Home Users read:

You probably already have Automatic Updates turned on, but you can manually check to see if you have any security updates waiting for you by visiting the Microsoft Update website - click here.

You may also find this page helpful... Get help with security issues


For IT Professionals read:

Microsoft Security Bulletin Summary for August 2010

The Microsoft Security Response Center Blog - August 2010

Please note: More information about the current Windows Shortcut Security threat can be found here and here (KB2286198) and a TechNet Webcast: Information about Microsoft's August 2010 Security Bulletin Release is available here.

------------------------------------------------------------------------------------------------------------

# Support for Windows XP SP2 Has Ended:

Support for Windows XP Service Pack 2 (SP2) ended on July 13, 2010. Microsoft are NO longer providing security updates to this version of Windows XP.

To stay secure either:

#1 - Upgrade to Windows 7.

#2 - If you are not ready to move to Windows 7, then apply the most current Service Pack to continue to receive updates and support. For Windows XP support and updates, upgrade to SP3.

Click here for more information on Windows XP (SP3)

Click here for more information on Windows XP end of service

-------------------------------------------------------------------------------------------------------------

# Adobe Reader Security Update:

Adobe has shipped an updated version of its PDF Reader with patches for two critical vulnerabilities.

The flaws fixed in this out-of-cycle patch affects Adobe Reader 9.3.3 and earlier versions for Windows, Mac and UNIX.

The latest version you should have installed is: 9.3.4

You can download the latest version from Adobe here. (Includes Adobe AIR 2.0.3)

-------------------------------------------------------------------------------------------------------------

# Adobe Flash Security Update:

Adobe's Flash Player software is vulnerable to at least six critical security vulnerabilities that could allow hackers to launch remote code execution attacks, the company warned in an advisory. The flaws affect Adobe Flash Player for Windows, Macintosh, Linux and Solaris.

Adobe AIR 2.0.2.12610 and earlier versions for Windows, Macintosh and Linux are also affected by these vulnerabilities!!! (Make sure you have Adobe AIR 2.0.3 installed.)

The latest version of Adobe Flash player you should have installed is: 10.82.76

You can download the latest version from Adobe here.

-------------------------------------------------------------------------------------------------------------

# Google Chrome Internet Browser Security Update:

Google has released a new version of its Chrome browser in response to the latest batch of high-risk security vulnerabilities discovered in its popular browser.

The company released the updated Google Chrome with patches for 9 security holes and a workaround for a Windows kernel bug.

The latest version you should have installed is: 5.0.375.127

You can download the latest version from Google here.

# Opera Internet Browser Security Update:

Opera has shipped a new version of its web browser to patch three potentially dangerous security vulnerabilities.

The most serious of the three flaws could allow hackers to execute harmful code and take complete control of a Windows computer.

The latest version you should have installed is: 10.61

You can download the latest version from Opera here.

# Apple QuickTime Security Update:

A Spanish tech researcher has has discovered a way to attack a Windows computer using a flaw in Apple's popular QuickTime software. This exploit will bypass advanced security defences, both DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization), to take complete control of a targeted PC. The flaw could be exploited with a maliciously crafted movie file distributed via the Internet/email etc.

This is a serious security risk and you should be running the "patched" version of QuickTime that Apple has released this month!

The latest version you should have installed is: 7.6.7

You can download the latest version from Apple here. (Available for Windows XP SP3, Windows Vista and Windows 7.)

# FAKE Microsoft's Software Removal Tool On The Loose!

There is a recent surge in FAKE versions of Microsoft's Software Removal Tool being reported online. This particular piece of malware reports that your system is infected and that the application recommends the installation of the bogus Shield EC Antivirus to clean it. However, licence key is out of date and needs to be renewed... This is just a "scareware" tactic as the REAL utility from Microsoft is FREE! If you do fall for this scam, the website you are taken too then attempts to infect your PC with a Trojan Virus!

Do NOT fall for this, simply remove the malware utility from your system!

You can download the latest version of the REAL Microsoft utility here.

>>> My FREE Windows Newsletter! >>>

Claim YOUR Fortnightly copy of my FREE Windows Newsletter covering:

Windows XP, Windows Vista, Windows 7 , Microsoft Office and Windows Live Services - Sign-up TODAY!!!

Enjoy!

Kind Regards

Marc Liron - Microsoft MVP
www.marcliron.com
www.twitter.com/marcliron
http://marcliron.spaces.live.com/
www.google.com/profiles/marc.liron
http://blog.marcliron.com