Adobe has published a Security Bulletin for the Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-3113). The new Security Bulletin, APSB15-14, identifies a heap buffer overflow vulnerability which affects various versions of Adobe Flash Player across multiple platforms. Exploitation of this critical vulnerability could allow an attacker to remotely execute arbitrary code. Adobe has acknowledged reports of this vulnerability being exploited in the wild in limited targeted attacks.
The following versions of Adobe Flash Player are vulnerable:
- Adobe Flash Player 184.108.40.206 and earlier versions for Windows and Mac OS X
- Adobe Flash Player Extended Support Release version 220.127.116.112 and earlier 13.x versions for Windows and Mac OS X
- Adobe Flash Player 18.104.22.1686 and earlier 11.x versions for Linux
Microsoft announced this week new features coming soon for Office Online:
Office Online is releasing new autocorrect features. The first implementation will make straightforward changes such as capitalizing the first letter of a sentence. In the coming weeks, you will see more advanced automatic formatting such as transforming two hyphens into a dash—just like you’d expect in Word.
Word Online is also adding the Format Painter, a popular office tool that can streamline document design. Format Painter allows you to copy formatting from the selected content (Ctrl + Shift + C) and paste it onto a different set of content (Ctrl + Shift + V).
Object formatting in PowerPoint Online
Text is great, but illustrations bring your presentation to life. PowerPoint Online’s latest update allows you to make your illustrations look perfect. You can easily select, move, resize and delete objects with your keyboard or mouse. The new Smart Guides feature helps you effortlessly align your objects with other content. Multiselect allows you to format more than one object at a time. You can even move objects outside the slide area while you format other content.
Previously, PowerPoint Online only allowed you to view and relocate existing tables. The latest updates will allow you to create, edit and format your tables in the browser. You can even resize rows or columns.
We know our customers use Office Online on a wide range of devices. PowerPoint Online’s new full screen Reading View and Zoom tool in the Editing View allow you to have a more comfortable experience on small screen devices. Word Online is also releasing a High DPI experience for viewing PDFs.
This week Microsoft is releasing Firmware updates for both Surface 3 models. The Surface 3 Pro is receiving an update to its UEFI (new version is 3.11.950.0), adding support for new Windows 10 features, updates to the Wi-Fi and Bluetooth drivers (version 15.68.3091.193) which are meant to improve stability and connectivity, including download speeds, as well as an update to the AHCI controller driver (new version is 22.214.171.1248)
The Surface 3 is receiving four updates which improve the audio performance and experience (new Audio Device driver version is 603.9600.2563.61816), the camera’s photo and video quality (new Camera driver version is 20.9600.3444.120), and display stability and graphics performance (new HD Graphics driver version is 10.18.14.4175). The fourth driver update is for Surface Pen Settings (new driver version is 126.96.36.199).
LastPass is informing users that last Friday they discovered and blocked suspicious activity on their network. LastPass found no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed. The investigation has shown, however, that LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised. In light of this they are requesting that users change their Master passwords.
MS15-056 updated Internet Explorer and fixed 24 vulnerabilities by “preventing browser histories from being accessed by a malicious site,” as well as “adding additional permission validations to Internet Explorer [and] modifying how Internet Explorer handles objects in memory,” the release said, noting that “customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
MS15-057 plugged a hole in Windows with which attackers could seize control remotely of a system if Windows Media Player “opens specially crafted media content that is hosted on a malicious website.”
These patches should be installed on all systems and are available from Windows Update. Inaddition to these Microsoft has released six non-critical updates.
Customers with the Office preview running in testing will find there is a new build release today:
- Real Time Presence in Word—While Real Time Typing will ship in subsequent builds, Microsoft is rolling out a key part of that collaborative experience with Real Time Presence. Real Time Presence allows you to see where in a document your teammates are editing. Available first for OneDrive for Business subscribers, it will be available more broadly soon.
- Simplified file sharing—Microsoft is simplifying the process of sharing files and making them available to others to review, comment, and edit. Just clicking Share on the Ribbon will save your file to the Cloud and make it available to others in one easy step.
- Insights for Office (currently in Word and Outlook)—Insights, powered by Bing, brings you contextual information from the web right into your reading experience. Try it by selecting keywords, like people or places, in your content and watch as Insights pulls relevant information into the Task pane to help you learn more.
- Version History improvements—It is now easier to find different versions of files stored on SharePoint or OneDrive for Business. You can click the History command in the File menu to view or restore any previous version.
The Office 2016 Preview is available for download for Office 365 users and to anyone has signed up to the preview program.
Microsoft revealed this morning that Windows 10 will be released to customers on July 29, 2015 as part of a free upgrade offer and with new PCs. This date is when the free upgrade promotion for one year begins.
Starting today users of eligible systems will start seeing an Icon in the taskbar of Windows 7 and * workstations.
We DO NOT recommend anyone who uses their PC for business applications sign up for this program. It is imperative that your business critical applications be tested prior to migrating to Windows 10. If you do reserve your copy now your system will automatically download a 3GB setup at some point prior to July 29.