Patch Tuesday November 2014

ipad hackedPatch Tuesday November 2014 – you’re invited to a Masqued attack. If you’re an iPhone or iPad user.

Apple was informed back in July about a vulnerability in iOS 7 and 8 that allows hackers to install apps on an iPhone or iPad from an email or text message replacing a legitimate app with a poisoned one. Apple is working on a fix however someone is already using the vulnerability in a form called Wirelurker. Apple has patched that particular malware.

More Mac Malware on the way

But be assured more mac malware using Masque is on the way. Run updates on your iPhone or iPad as soon as possible. More about the story here. And only install apps from the official Apple Store.

It just wouldn’t be Patch Tuesday without a hot Flash update from Adobe. This security update is for both Mac and Windows users. The best way to get this update is to go here and run the install. Don’t forget to uncheck the unwanted Google toolbar, Chrome or McAfee crapware that Adobe insists on bundling with their security updates. Technical information about the update and software affected here.

Microsoft Updates

Microsoft released fourteen security updates today. Four of them are critical, effect all current versions of Windows (by current I mean Windows Vista, Windows 7 and Windows 8) and require a system reboot. Eight of the updates are important (by Microsoft’s standards, I consider one of these patches critical) and also require a system restart. One of the patches only effects Office 2007 and one only effects Japanese IME or input. Technical details about the updates here.

One of the patches is critical for server products. If you are running Windows Server 2003, Windows Server 2008 or 2012, you need to patch as soon as possible. More details here.

Patch now or be hacked later. This includes your phones and tablets.