Adobe Flash Player Update Plus Updater Change

Adobe Flash Player was updated again to address critical security vulnerabilities.  (The last update was just over three weeks ago.)  According to Adobe, the vulnerabilities are "priority 2"; critical but not yet exploited.

Flash Player Updater Change

Adobe recognizes the critical nature of updating third-party software.  As a result, this release of Flash Player contains a new background updater.  As explained by Peleus Uhley in An Update for the Flash Player Updater,

"If you read this September 2011 CSIS report, then you saw that 99.8 percent of malware installs through exploit kits are targeting out-of-date software installations. This point was reiterated recently in volume 11 of the Microsoft Security Intelligent Report. Also, attackers have been taking advantage of users trying to manually search for Flash Player updates by buying ads on search engines pretending to be legitimate Flash Player download sites. Improving the update process is probably the single most important challenge we can tackle for our customers at this time."

After updating to Adobe Flash Player 11.2, the following update options will be available:

• Install updates automatically when available (recommended)
• Notify me when updates are available
• Never check for updates (not recommended)

Update Information

The newest version for Windows, Macintosh, Linux and Solaris is 11.2.202.228.  Android 4.x devices using version 11.1.115.7 are not affected.  The update for Android 3.x and earlier versions is 11.1.111.8.

It is also recommended that Adobe AIR be updated to Adobe AIR 3.2.0.2070.

Release date: March 28, 2012
Vulnerability identifier: APSB12-07
Priority: 2
CVE numbers: CVE-2012-0772, CVE-2012-0773
Platform: All Platforms
 

Flash Player Update Instructions

Adobe Flash Player for Android

The latest version for Adobe Flash Player for Android is available by downloading it from the Android Marketplace by browsing to it on a mobile phone.

Flash Player for Windows, Macintosh, Linux and Solaris

Although Adobe suggests downloading the update from the Adobe Flash Player Download Center or by using the auto-update mechanism within the product when prompted, if you prefer, direct download links are available.

Notes:

• If you use the Adobe Flash Player Download Center, be careful to uncheck the optional McAfee Security Plus box.  It is not needed for the Flash Player update.
• Uncheck any toolbar offered with Adobe products if not wanted.
• If you use alternate browsers, it is necessary to install the update for both Internet Explorer as well as the update for alternate browsers.

Flash Player 11 (32-Bit)

• IE 32-Bit:  http://fpdownload.macromedia.com/get/flashplayer/pdc/11.2.202.228/install_flash_player_ax_32bit.exe
• Non-IE 32-Bit (Opera, Firefox etc):  http://fpdownload.macromedia.com/get/flashplayer/pdc/11.2.202.228/install_flash_player_32bit.exe

Flash Player 11 (64-Bit)

• IE 64-Bit:  http://fpdownload.macromedia.com/get/flashplayer/pdc/11.2.202.228/install_flash_player_ax_64bit.exe
• Non-IE 64-Bit (Opera Firefox etc):  http://fpdownload.macromedia.com/get/flashplayer/pdc/11.2.202.228/install_flash_player_64bit.exe

Flash Player Uninstallers:

32-Bit Uninstaller: http://download.macromedia.com/pub/flashplayer/current/uninstall_flash_player_32bit.exe
64-Bit Unisntaller: http://download.macromedia.com/pub/flashplayer/current/uninstall_flash_player_64bit.exe

*HatTip: ky331 for FTP download links.

Verify Installation

To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu. 
Do this for each browser installed on your computer.

To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x.

When Adobe Flash Player is updated, it is recommended that Adobe AIR version be checked as well.  Go to Adobe AIR Help to determine the version of Adobe AIR runtime installed.

References

• Adobe Priority Ratings
• Adobe Security Advisory: Security update available for Adobe Flash Player
• Adobe PSIRT Blog: Security Update for Adobe Flash Player (APSB12-07)

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Mozilla Firefox 11 Released

After a bit of hesitation, Mozilla released Firefox 11 today.  As explained in Update on Firefox Release Timing, the update was delay was initially for two reasons.

1. This Tuesday is Microsoft’s scheduled monthly update to Windows, and those updates have interacted badly with our updates before. We don’t have reason to expect specific problems with this month’s updates, but we’d rather take a day or two to understand the impact before we update all of our users.
2. We’re also waiting for a report from ZDI about a security vulnerability that may affect this new version of Firefox. We expect to receive the report by end of day Monday. Once we can evaluate the vulnerability, we’ll know whether we need to include a fix in Firefox before the update is released.

What's New

The Release Notes include new and fixed features in version 11.  The numerous Bug Fixes are in the link available in References.

• NEW --Firefox can now migrate your bookmarks, history, and cookies from Google Chrome
• NEW --With Sync enabled, add-ons can now be synchronized across your computers
• NEW --The CSS text-size-adjust property is now supported
• CHANGED --Redesigned media controls for HTML5 video
• HTML5 --The outerHTML property is now supported on HTML elements
• HTML5 --View source syntax highlighting now uses the HTML5 parser (see bug 482921)
• DEVELOPER --The Style Editor for CSS editing is now available to web developers
• DEVELOPER --Web developers can now visualize a web page in 3D using the Page Inspector 3D View
• DEVELOPER --SPDY protocol support for faster page loads is now testable
• DEVELOPER --XMLHttpRequest now supports HTML parsing
• DEVELOPER --Files can now be stored in IndexedDB (see bug 661877)
• DEVELOPER --Websockets has now been unprefixed
• FIXED --Firefox notifications may not work properly with Growl 1.3 or later (691662)

Known Issues

• If you try to start Firefox using a locked profile, it will crash (see 573369)
• For some users, scrolling in the main GMail window will be slower than usual (see 579260)
• Some synaptic touch pads are unable to vertical scroll (see 622410)
• OS X: WebGL performance may be degraded on some hardware (see 713305)
  Unresolved on v11 Resolved in v12
• Windows: The use of Microsoft's System Restore functionality shortly after updating Firefox may prevent future updates (see 730285)

Update

The upgrade to Firefox 11 will be offered through the browser update mechanism after any impacts related to the Microsoft Security Updates are analyzed.  To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu.

If you do not use the English language version, Fully Localized Versions are available for download.

References

• Common questions after updating Firefox
• Mozilla Firefox Release Notes
• Bug Fixes 

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Microsoft March 2012 Security Bulletin Release

Microsoft released six (6) bulletins, of which one bulletin is identified as Critical, four (4) as Important and the remaining bulletin as Moderate.  one Critical-class, four Important and one Moderate.

The bulletins address seven issues in Microsoft Windows, Visual Studio, and Expression Design.  Most updates will require a restart to complete the installation.

Security Bulletins

Bulletin Number	Bulletin Title	Bulletin KB
MS12-017	Vulnerability in Microsoft Windows	2647170
MS12-018	Vulnerability in Microsoft Windows	2641653
MS12-019	Vulnerability in Microsoft Windows	2665364
MS12-020	Vulnerabilities in Microsoft Windows	2671387
MS12-021	Vulnerability in Microsoft Visual Studio	2651019
MS12-022	Vulnerability in Microsoft Expression	2651018

Support

The following additional information is provided in the Security Bulletin:

• The affected software listed have been tested to determine which versions are affected. Other versions are past their support life cycle. To determine the support life cycle for your software version, visit Microsoft Support Lifecycle.
  
• Customers in the U.S. and Canada can receive technical support from Security Support or 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates. For more information about available support options, see Microsoft Help and Support.
• International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit International Help and Support.

References

• MSRC: Strength, flexibility and the March 2012 security bulletins
• TechNet: Microsoft Security Bulletin Summary for March 2012
• Security and Safety Center:  Microsoft security updates for March 2012 

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Security Bulletin Advance Notification for March, 2012

On Tuesday, March 13, 2012, Microsoft is planning to release six (6) bulletins, of which one bulletin is identified as Critical, four as Important and one as Moderate.

The bulletins address seven vulnerabilities in Microsoft Windows, Microsoft Visual Studio and Microsoft Expression Design.  Most updates will require a restart to complete the installation.

As happens each month, Microsoft will also release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

References

• MSRC Blog:  March 2012 ANS
• TechNet: Microsoft Security Bulletin Advance Notification for March 2012

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Critical Adobe Flash Player Update

Adobe Flash Player was updated yet again to address critical security vulnerabilities.  (The last update was less than three weeks ago.)  According to Adobe, the vulnerabilities are "priority 2"; critical but not yet exploited.

The newest version for Windows, Macintosh, Linux and Solaris is 11.1.102.63.  The update for Android 4.x devices is 11.1.115.7 and the update for Android 3.x and earlier versions is 11.1.111.7.

Release date: March 5, 2012
Vulnerability identifier: APSB12-05
Priority: 2
CVE number: CVE-2012-0768, CVE-2012-0769
Platform: All Platforms

Flash Player Update Instructions

Adobe Flash Player for Android

The latest version for Adobe Flash Player for Android is available by downloading it from the Android Marketplace by browsing to it on a mobile phone.

Flash Player for Windows, Macintosh, Linux and Solaris

Although Adobe suggests downloading the update from the Adobe Flash Player Download Center or by using the auto-update mechanism within the product when prompted, if you prefer, direct download links are available.

Notes:

• If you use the Adobe Flash Player Download Center, be careful to uncheck the optional McAfee Security Plus box.  It is not needed for the Flash Player update.
• Uncheck any toolbar offered with Adobe products if not wanted.
• If you use alternate browsers, it is necessary to install the update for both Internet Explorer as well as the update for alternate browsers.

Flash Player 11 (32-Bit)

• IE 32-Bit:  http://fpdownload.macromedia.com/get/flashplayer/pdc/11.1.102.63/install_flash_player_ax_32bit.exe
  
• Non-IE 32-Bit (Opera, Firefox etc):  http://fpdownload.macromedia.com/get/flashplayer/pdc/11.1.102.63/install_flash_player_32bit.exe

Flash Player 11 (64-Bit)

• IE 64-Bit:  http://fpdownload.macromedia.com/get/flashplayer/pdc/11.1.102.63/install_flash_player_ax_64bit.exe
• Non-IE 64-Bit (Opera Firefox etc):  http://fpdownload.macromedia.com/get/flashplayer/pdc/11.1.102.63/install_flash_player_64bit.exe

Verify Installation

To verify the Adobe Flash Player version number installed on your computer, go to the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe Flash Player" from the menu.

Do this for each browser installed on your computer.

To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x.

References

• Adobe Priority Ratings
• Adobe Security Advisory: Security update available for Adobe Flash Player
• Adobe PSIRT Blog: Security Update for Adobe Flash Player (APSB12-05)

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More

Windows 8 Consumer Preview: Getting Started

The next version of the Microsoft operating system, Windows 8, has reached what is called "Consumer Preview".  Although defined by Microsoft as pre-release software, the Consumer Preview could also be referred to as a high end beta, with the next installment being RTM (Release to Manufacturing).

Although Windows 8 Consumer Preview is a solid operating system, it is not advisable to install beta software on a production computer.  In other words, if you do not have a spare computer or a partition to dual-boot Windows 8, I strongly advise that you wait until after the final release, create a separate partition (see Create and format a hard disk partition) or test the operating system in a virtual machine.

Rather than replicating the excellent documents already created by experienced and respected bloggers and web sites, I have collected a series of articles and tutorials that will guide your testing of Windows 8 Consumer Preview.

System Requirements and Compatibility

Although Microsoft has stated that Windows 8 Consumer Preview works on the same hardware that powers Windows 7, below are the recommended system requirements for running Windows 8 Consumer Preview.  

    Processor: 1 gigahertz (GHz) or faster
    RAM: 1 gigabyte (GB) (32-bit) or 2 GB (64-bit)
    Hard disk space: 16 GB (32-bit) or 20 GB (64-bit)
    Graphics card: Microsoft DirectX 9 graphics device or higher

Additional requirements to use certain features:

•   To use touch, a tablet or a monitor that supports multitouch is needed.
•   To access the Windows Store and to download and run apps, you need an active Internet connection plus a screen resolution of at least 1024 x 768.
•   To snap apps, you need a screen resolution of at least 1366 x 768.

If you have a netbook or other computer running Windows 7 that isn't capable of a screen resolution at the levels indicated above, as illustrated by Barb Bowman in Windows 8 Consumer Preview Installed on Eee PC Netbook, you can still run Windows 8!  You may also want to read Paul Thurrott's articles, Some Thoughts About the Windows 8 System Recommendations and The Netbook Experience.

For compatibility concerns, check the Windows 8 Consumer Preview Compatibility Center to find out whether your favorite applications and devices are compatible with Windows 8.  Links on the results page will direct to product Updates, Drivers, and Downloads.

Installing Windows 8 Consumer Preview

Now that you are ready to install Windows 8 Consumer Preview, it is time to select the best method for how you will be testing the operating system.

Download

Windows 8 Consumer Preview Setup:

Windows 8 Consumer Preview Setup will check to see if your PC can run Windows 8 Consumer Preview and will select the right download. 

Also included in Setup is a compatibility report and upgrade assistance. Built-in tools for creating an ISO or bootable flash drive are available for some previous versions of Windows (excluding Windows XP and earlier).

Windows 8 Consumer Preview ISO formats:

Windows 8 Consumer Preview ISO files (.iso) are provided as an alternative to using Windows 8 Consumer Preview Setup. ISO files are available for both 32-bit (2.5 GB) and 64-bit (3.3 GB). With the ISO files, use this Microsoft-provided Product Key: DNJXJ-7XBW8-2378T-X22TX-BKG7J

Installation

It seems that there is always more than one way to accomplish a task with Microsoft software.  That is the case with installing Windows 8 Customer Preview as well.  Unless you are very experienced, I recommend using the web installer to create a a bootable Windows 8 DVD using the .ISO file or bootable thumb drive or installing in a virtual machine.

• Configuring a Windows 8 Virtual Machine
• Set Up Windows 8 with the Web Installer
  • Dual Boot Windows XP and Windows 8
  • Dual Boot Windows Vista/7 and Windows 8
• Create Bootable Install Media
• Clean Install Windows 8
• Upgrade from Windows 7, Vista, or XP to Windows 8 Consumer Preview  

Navigating Windows 8

Navigating Windows 8 will require an adjustment.  Take time to read about the new Metro style and learn about the new terminology, such as tiles and charms as well as touch terminology, including swipe and slide.

For an overview, see Windows 8 Features and Terminology.  A more complete resource is The Windows 8 Glossary, used for creating translations.  Filtering by "locked" results in a set of definitions locked by Microsoft.

Metro Style

Metro Style is the name given to the Windows 8 user interface.  It is the new start screen, made up of tiles that represent applications, replacing the Start menu.  It is the first screen shown on start up.

Metro is optimized for touchscreens as well as mice and keyboards.  Derick Campbell (Microsoft Research) has an excellent tutorial on navigating Windows 8.  Dude, Where’s My Windows 8 Start Menu? will go a long way to clearing up your confusion with Metro.

After you have become more comfortable with Windows 8, you will want to locate more advanced functions, such as the control panel, task manager, device manager and other system management tools.  Ed Bott's article will help you locate Shortcuts and surprises in the Windows 8 Consumer Preview.

Keyboard Shortcuts

Whether you have a touch screen or use a keyboard or mouse, navigating Windows 8 will be a change from what you are accustomed to.  A comprehensive list of keyboard shortcuts is included in the ars technica article, Old dogs, get ready for new tricks: how to use the Windows 8 Consumer Preview.

Derick Campbell created an online Word Document which includes a comprehensive list of keyboard shortcuts with the corresponding touch and mouse actions.  Consider downloading the file and annotating it with your own notes:  Win8 Shortcuts.

Security

Microsoft Security Essentials has been renamed Windows Defender for Windows 8.  Windows Defender is included in the install of Windows 8 Consumer Preview and enabled by default.  If you prefer to use a different antivirus solution, check the entries in the Compatibility Center.   You may find that your favorite program is not listed yet as compatible, yet, as in the case of ESET Smart Security, 15 out of 16 people reported it compatible with Windows 8.

Problems

There are times when things just do not go right.  In the case of Windows 8 Customer Preview, please keep in mind that Windows 8 Consumer Preview is pre-release software.

Oops!

What can you do if disaster strikes and your Windows 8 installation is totally messed up?


Reset!

Windows 8 has a new service that returns your PC to its factory clean state by wiping it out and reinstalling Windows.  Reset removes all personal data, apps, and settings and completes a fresh install of Windows 8.

Refresh!

With the Refresh option, you keep all personal data, Metro style apps, and important settings from the PC, as well as a clean copy of Windows 8.

Reset and refresh are accessible through the "PC Settings" app.

Help and Support

• Microsoft Answers: 
  
  • Windows 8 Consumer Preview forum
  • Internet Explorer 10 Consumer Preview
• Windows 8 Forums: 
  
  • Tutorials
  •  Installation and Setup 

Other Resources

• Building Windows 8
• Introducing Windows 8 Consumer Preview
• Springboard Series for Windows 8
• Windows 8 Customer Preview
• Windows 8 Consumer Preview:  Frequently asked questions

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Read More