If you have Windows XP or Vista and you're currently using Internet Explorer 6 or 7, you need to upgrade to 8 without delay.

There is a new vulnerability being exploited that only affects Internet Explorer 6 and 7. With support for those older versions coming to an end, it's important to upgrade to the latest version.

Internet Explorer 8 has many security improvements, including SmartScreen and Cross-Site Scripting (XSS) Filter.

Besides it's many security enhancements, Internet Explorer 8 is speedier than previous versions. Microsoft lists some of the improvements included in it's latest browser in Windows Internet Explorer 8: Get the facts.

Users of Windows 7 need not worry because Internet Explorer 8 is already installed in that operating system.

Download and install Internet Explorer 8 today.

• Version 10.0.45.2 of Adobe Flash fixes critical vulnerabilities. The updated version can be downloaded from the Adobe Flash Download Page (remember to uncheck the optional security software download before clicking the Agree & install now button):

  

  There is a version for Internet Explorer and another for all other browsers. You'll need to download both if you use another browser besides IE.

  To see which version of Flash your browser has installed, visit the Adobe Flash About Page where you'll be able to see which version your browser is using, as well as, the latest version available for download.

• Adobe Reader's updated version (9.3.1) is also a critical update because one of the vulnerabilities can allow an attacker to take control of the affected PC.

  The easiest way to update Adobe Reader is to run the Update from within the program by clicking on Help, Check for Updates:

  

Users of Adobe Flash and Adobe Reader are advised to update immediately.

You can read more about the Security Bulletins on the Adobe Security Bulletins and Advisories page.

The Adobe Reader update that we have been waiting almost a month for has finally arrived.

Adobe has has updated it's Reader Software to version 9.3. This version patches a JavaScript vulnerability that is considered critical and everyone that uses Adobe Reader software is strongly urged to update at once.

You have a few options to update to latest version of Adobe Reader.

The easiest way to update the software is to run the update from within Adobe Reader by going to Help, Check for Updates:

If you have difficulty updating the software or prefer to download and install the update manually, you can get it at Adobe. Remember to uncheck the box under “also install” or security software will be added to the installation (see screen-shot):

Download Adobe Reader 9.3 from Adobe website.

Additionally, you can download it from FileHippo (without any additional software):

Download Adobe Reader 9.3 from FileHippo.

Whatever method you use to update your software, be sure to do it soon. Not updating your Adobe Reader software will leave your PC vulnerable.

You can read more about this update by visiting Adobe's Security Advisory Page.

Disabling JavaScript is a fast, simple procedure. From within Adobe Reader, go to Edit, choose Preferences, then on the left-side of the window, click JavaScript. Uncheck Enable Acrobat JavaScript, then click OK.

Adobe is expected to issue a patch for this vulnerability during the second week of January. Until then, you can stay protected by disabling JavaScript.

If you'd like to learn more about the current vulnerability, read Adobe's Security Advisory for Adobe Reader and Acrobat.

Adobe has issued a new security update for Adobe Flash. The new version, 10.0.42.34, fixes a vulnerability that could allow an attacker to take control of an affected PC.

If you use other browsers besides Internet Explorer, download and install both updated Flash Players (One is for IE and the second is for all other browsers).

Download:

• Flash for Internet Explorer
• Flash for Firefox and other browsers

Once downloaded, double-click the setup file to upgrade the version you have currently installed.

To read more about the vulnerability, visit Adobe’s Security Bulletin page.

The website has a wealth of information just waiting to be discovered:

• At the top of the page there is a navigation bar with specialized sections on Fraud Prevention, Data Protection and links to various Resources. As you can see in the screen-shot below, when you hover over any of the sections on the navigation bar (1), an additional navigation bar (2) will present a list of topics to choose from (3):

• In the center of the page you will find information, as well as links for How To's and Tools.
• At the very bottom of the main page, there are educational videos relating to security and remaining vigilant online.
• The website has comic section which is both informative and entertaining.
• If you have questions about what certain terms mean, there is also a section with common security terms to help you out.

Be sure to bookmark Microsoft Online Safety and share the link with friends and family who'd like to learn more about staying safe online.

Keeping track of software updates has become so much easier thanks to FileHippo.com Update Checker . This is a simple program that does it's job beautifully. It scans your computer, then presents a list of all the programs you have installed that have updated versions available for download.

After reading and accepting license agreement, choose which components to install. I recommend you un-check run at startup since there is no need to have this program constantly running in the background. If you'd like a desktop icon, leave it checked otherwise un-check it as well. Start Menu Shortcut should remain checked so that you can find the program via your start menu.

Click Next after choosing which components to install. Leave default location for installation (unless you prefer to install in a different location), then click Install. Once installation is complete, click Close.

When you run FileHippo.com Update Checker, the program begins by downloading the latest update list:

Then it will scan your PC:

and finally, it will list all the programs that currently have an update available to download (your list may differ depending on programs installed):

The only issue I had with FileHippo.com Update Checker was that it listed an update for Windows Live Messenger (which I do not have installed). I have (but don’t use) Windows Messenger which is part of Windows XP. If you get an update notice for Windows Live Messenger and do not use MSN Messenger or Live Messenger to chat, feel free to ignore that update notice.

Update Adobe software as soon as possible to help keep your PC protected.

Downloads:

• Flash Player for Internet Explorer (download to your PC, then double-click downloaded update to install).

• Flash Player for Firefox (once downloaded, double-click update to install).

• Adobe Reader (note: this patch can only be applied to version 9.1.2. If you are unsure, update to the latest version of Adobe Reader via the help menu in the program).

To read the latest Adobe Security Advisories, visit Adobe Security bulletins and advisories.

In addition to the updates listed above, Adobe also issued patches for Shockwave Player and Adobe Air. If you use them, you'll want to install those patches as well.

You may have to install one or both of the security updates depending on what Microsoft software you have installed. As always, the sooner you apply the updates, the faster your PC will be protected from these vulnerabilities.

If you don't have Windows Automatic Updates enabled or want the updates now, download the latest security patches by visiting Windows Update.

Many websites have been hacked with a malicious script that checks for the vulnerability and if you visit the website with Windows 2000 or XP and do not have the vulnerability patched, the site will attempt to re-route you to a malicious site that will silently download and execute a keylogging program.

In addition to this latest exploit is another vulnerability in DirectShow that has not been patched by Microsoft either and affects ALL browsers. Both vulnerabilities are dangerous and considered "drive by downloads".

Patches for these exploits are not yet available via Windows Update but Microsoft has created Advisories for each and Workaround fixes that can be used in the meantime to mitigate your risk.

Download and install the following fixes to stay safe:

1. Vulnerability in Microsoft Video ActiveX control could allow remote code execution.
2. Vulnerability in Microsoft DirectShow could allow remote code execution.

The fixes linked above will prevent the exploits from working on your PC and will keep you safe until Microsoft patches those vulnerabilities in DirectShow. I recommend you apply the fixes immediately. Also, verify that your Anti-Virus is up to date because most Anti-Virus will prevent the exploits from being downloaded onto your PC and will serve as another layer of protection.

To install the fixes, do the following:

• Visit the Advisory Page (see links 1 and 2 above) and choose the Fix it button located on the left side of the page:
  
• Download Fix it to your PC, then install it by double-clicking it. Click the Agree box and then click the Next button:
  
• The Fix is automatically applied and your PC will be protected from the vulnerabilities listed above. Choose Close to exit the dialog.
  

Microsoft is expected to include a patch for the vulnerabilities in the next Windows Update patch-day but in the meantime you can keep your PC safe by using the Fixes from Microsoft linked above.

Note: Windows Vista and Server 2008 are NOT vulnerable to these exploits.