Computing Facilities    links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 
Advanced search tips 
 Documentation
 » Introduction to Facilities 
 » Accounts & passwords 
 » AFS 
 » Application software 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Web publishing 
 » Your health 
 » Mac support 
 » Linux support 
 » Windows PC support 

Critical Adobe Flash and Internet Explorer vulnerabilities

April 30, 2014

On April 28, 2014, Adobe released a patch for a critical vulnerability in Flash Player. Microsoft has announced a critical vulnerability in Internet Explorer, but has not yet released a patch for it. Both of these vulnerabilities are being actively exploited in the wild.

WHAT YOU SHOULD DO

FLASH PLAYER: Follow the instructions below to patch Flash Player on your computer.

INTERNET EXPLORER: Because Microsoft has not yet released a patch for this vulnerability, it is recommended that you use a different browser than IE for web browsing. Note: While current known methods to exploit this vulnerability involve Flash Player, the IE vulnerability is a separate problem from the Flash Player vulnerability. IE exploits that do not make use of Flash may be possible.

TO PATCH FLASH PLAYER

If you are running Flash Player version 13.0.0.182 or earlier on a Windows PC, version 13.0.0.201 or earlier on a Mac, or version 11.2.202.350 or earlier on Linux, you should upgrade. To see which version of Flash you are running, visit:

https://www.adobe.com/software/flash/about/

If you are using the Flash Player that is installed with Google Chrome, or Internet Explorer 10 or 11, your version of Flash on that browser will be updated automatically (though, as mentioned above, you should refrain from using IE until Microsoft relases a patch for the IE problem).

To upgrade Flash if you are not using one of the above browsers, download it from:

https://get.adobe.com/flashplayer/

Each browser that you use to view Flash content will need to be updated.

Additional information about this vulnerability and how to update Flash Player:

https://helpx.adobe.com/security/products/flash-player/apsb14-13.html

Please contact help@cs.cmu.edu or call the SCS Help Desk (x8-4231) if you have questions or problems with applying these patches. Thank you for your attention,

SCS Help Desk