Microsoft has released an old-fashioned Security Bulletin, , which shepherds a handful of patches for various versions of Windows. The patches, all called , implement the Flash Player fixes contained in Adobe’s , which fixes 13 critical vulnerabilities. It took Microsoft a week to plug the holes.
The patches are beginning to roll out now through Windows Update on machines running:
- Windows 8.1, RT 8.1 and Server 2012 R2 running Internet Explorer 11
- Server 2012 running Internet Explorer 10
- All versions of Windows 10 — RTM (1507), 1511, 1607, and Server 2016
Note that Windows 7 PCs don’t need the patch, even if they’re running Internet Explorer 11. Flash is built into IE11 on Windows 8.1 and Win10, so the updates for IE (and Edge in Win10) have to come from Microsoft. IE11 running on Windows 7 uses a separate Flash Player, via ActiveX, which is updated by Adobe. If you have Win7 and use IE11, chances are good that Adobe updated you last week.
You can either go to Windows Update and install the patch, or you can from the Windows Update Catalog.
Internet Explorer patches out of the grouped Security-only and Monthly rollups for Windows 7 and 8.1, starting this month, and that finally happened. But Microsoft was also discontinuing Security Bulletins this month.
In what appears to be an unrelated move, Microsoft has brought back KB 2952664 (for Win7) and KB 2976978 (Win 8.1), which are the two enhanced snooping patches we on Feb. 9. The patches, at this moment, appear as optional unchecked updates, with a published date of Feb. 21, 2017.
Poster ch100 says: