Microsoft issues critical Flash security update


By Dylan Bushell-Embling
Thursday, 23 February, 2017

Microsoft issues critical Flash security update

Microsoft, despite deciding not to release any patches in February, has pushed out a critical security update containing patches developed by Adobe for the Adobe Flash Player.

The patch, MS17-005, updates Flash libraries contained within Internet Explorer 10 and 11 as well as Microsoft Edge to address exploits that could be used to trigger remote code execution.

According to Microsoft, an attacker could potentially exploit the vulnerabilities in unpatched versions of the browsers by hosting a specially crafter website designed to exploit them and convincing a victim to visit or by embedding an ActiveX control in an Office document hosting the IE rendering engine.

Affected software includes Windows 8.1, Windows RT 8.1, Windows 10, Windows Server 2016 and Windows Server 2012, although the impact is only listed as moderate and not critical for the latter OS.

The update also lists a series of potential workarounds to limit exposure to the vulnerability for unpatched systems, including disabling Flash, preventing it from running within Office 2010 and disabling ActiveX controls in Office 2010 or 2007.

Adobe released this month's Flash patches on the 14th of February, the same day Microsoft would traditionally have issued its Patch Tuesday Windows updates.

But Microsoft, after transitioning to a new model that removes the fixed schedule for issuing patches, this month revealed it will push back the release of the planned February updates until March.

Image courtesy of Mike Mozart under CC

Follow us on Twitter and Facebook

Related News

Red Hat, IBM launch open source threat remediation tool

IBM and Red Hat have jointly launched an AI‍-‍powered solution for automating the...

Cloudflare launches superior CAPTCHA alternative

Cloudflare has launched into general availability a solution capable of continuously monitoring...

APAC workers in need of phishing training: report

A report from workforce security company KnowBe4 indicates that 1 in 3 Australian employees is...


  • All content Copyright © 2026 Westwick-Farrow Pty Ltd