14 DAY TRIAL // As it usually happens on the second Tuesday of each month, Adobe has rolled out a new version of its Flash Player software today, promising to fix a number of security bugs that have recently been discovered in its code.
At this point, Adobe hasn’t yet released a detailed changelog of what’s new in Flash Player 15.0.0.189, but given the fact that today is the day when the company rolls out security improvements for its software, it’s only natural to expect this fresh release to come with patches in this regard.
Of course, all users are recommended to update to the latest version as soon as possible in order to make sure that no vulnerabilities exist in Flash Player, which is currently one of the most used client runtime environments on the web.
Busy month for all users
Even though Adobe hasn’t yet released an advisory on this new version, security experts across the world have already predicted that October 2014 will be a really busy month for users, especially because several companies prepared important security patches for their software.
Paul Ducklin of security company Sophos has explained that in addition to Microsoft and Adobe, Oracle also brings out a handful of security fixes for its applications during the same patching Tuesday used by the other software giants.
“Get ready for a bigger-than-usual Patch Tuesday this month. October is one of Oracle's Critical Patch Update (CPU) months, and there are usually more fixes in a CPU than there are Bulletins in the average Microsoft or Adobe update. That's because Oracle buffers up its fixes for a quarter at a time, instead of patching every month,” Ducklin writes.
“Oracle also publishes its patches on the Tuesday closest to the middle of the month, which often gives you a week's breathing space after Microsoft and Adobe go live on the second Tuesday.”
Windows updates also expected
Microsoft also prepares a total of 9 different bulletins for this Patch Tuesday, three of which are considered to be critical and supposed to fix flaws in Windows, Internet Explorer, and Office.
“Five of the nine patches are listed as fixing Remote Code Execution (RCE) holes, typically the sort of bug that Oracle described above as ‘remotely exploitable without authentication,’ and that Adobe warned could ‘potentially allow an attacker to take over the affected system,’” Ducklin adds.
Microsoft will start shipping its updates in just a few hours, so make sure that your computer is connected to the Internet and the Windows Update feature is turned on to get all the patches.