-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reference: CERT-EU Security Advisory 2012-0115 Title: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 [1] Version history: 24.09.2012 Initial publication Summary ======= Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer 10 on all supported editions of Windows 8 and Windows Server 2012. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10. Affected Versions ================= Adobe Flash Player in Internet Explorer 10 on all supported editions of Windows 8 and Windows Server 2012. Original Details ================ Microsoft released an update for vulnerabilities in Adobe Flash Player in Internet Explorer 10 (KB2755399). The update addresses the vulnerabilities described in Adobe security bulletins APSB12-18 and APSB12-19. As of the release of this update, CVE-2012-1535 is known to be under active attack. For more information about this update, including download links, see Microsoft Knowledge Base Article 2755399. What can you do? ================ Patches are available [1] Workarounds are available [1] What to tell your users ======================= Normal security best practices apply. Especially, inform your Web users to be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Users are to be aware not to click on the link in suspicious emails to immediately forward the suspicious email to the respective IT security officer / contact in your institution. More information ================ [1] http://technet.microsoft.com/en-us/security/advisory/2755801 [2] http://support.microsoft.com/kb/2755399 Best regards, CERT-EU Team (http://cert.europa.eu) Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383 Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBAgAGBQJQYHxBAAoJEPpzpNLI8SVooRsQAI1AdeCOfqcYPxmKeMNxHmLe GFAB+TM+3i29JSpY78mIl/fCQfkHnc1Fwnx42k9BNZ6VY7YHZIEHJUGvEEsKSroN q7TRx90QjjcIVjzA8UqdlLCl+nZFKTvS2Gwq/cBjFmo+vbJ9EVd7NKBjGthj5v+L 4mffcY6OWOzwU2dlVEwxkLbrOTR6Qhz9s4EUtr/alSBv6PdMhx5SKWt074CndpDI VDonQpL8mVuF791Dr7+3IBnNEGxFmubWxMvfW0pycut+12Bq9WDAaE/rDi30AABI xGrbmCSxts+TiawFtqcfbBh0giJhJdfOd2uTJNDeRGoEkDfkD9DFo7+zMR2TsCA0 PpbOLyVIF2awZoY/yvpox6NOYGOf6q66/UozpYPsMtbO4B3K+1pvqltBBsGsncek +XKf9RNAqOm+HosR87jmwVLxhQf1r/3Iywe9a7yOM62veGTtakBiXN9VEBKV/mZI 49C+4UIXjMyWhDHwjO3i/5opbfIxQyvyol0GkBfUnbM3Llhl10KaAnBxOwRWsX17 /ECtkYQ2kATwXU1snLOVhY/yjQJ1q6YIp3PPIsKsZGCat7c8ZmXAatNZki0eXIow LNgSS1grynIz1V0lLI4Tiu9UZ4R/UhxDTXJYfBMt2RFjgOqzrgojEzviExUec1Fv fRkGV56MoHrH8xfaqc/0 =aMYA -----END PGP SIGNATURE-----