Updates ‘Not Sufficient’ To Fix Flash, Windows Vulnerabilities, US-CERT Says

“Recently disclosed vulnerabilities in Adobe Flash and Microsoft Windows may allow a remote attacker to execute arbitrary code with system privileges” by “convincing a user to visit a website or open a file” that could allow an attacker to combine Flash and Windows vulnerability to take “full control of an affected system,” said the U.S. Computer Emergency Readiness Team in an alert Wednesday. US-CERT said that “since attackers continue to target and find new vulnerabilities in popular, Internet-facing software, updating is not sufficient, and it is important to use exploit mitigation and other defensive techniques.” Don't "run untrusted Flash content,” and “review the Bulletin and apply the necessary updates,” US-CERT said.