November not only suffered from several patch do-overs, it also saw a few unexpected, out-of-cycle patches.
As Adobe releases a quick fix for Flash, Google adds SSL-security enhancements to Chrome.
An unexpected update for Adobe Flash
According to an F-Secure post, an October Adobe Flash Player update blocked an exploit named Angler but did not fix the underlying vulnerability. When F-Secure notified Adobe of the partial fix, Adobe responded with an out-of-cycle update.
Given Flash’s vulnerability history and the frequency of updates, you might want to bookmark the “Adobe Flash Player” page, which lists the most current versions and shows the version you have installed. Launch the page in every browser you use.
Windows and Mac users should now be on Flash Player 184.108.40.206. Chrome and Internet Explorer 10/11 users will be updated automatically. (A Chrome Releases page notes that the browser was updated as well. When you next launch those three browsers, give them a bit of time to update before working online.)
What to do: Whenever manually updating Flash, watch out for potentially unwanted software offers.