Pittsburgh Tech Guy

Users of Google's Chrome and Microsoft's Internet Explorer 10 (IE10) and IE11 can rest easy today knowing that their browsers will automatically update to the latest version of Adobe Flash, which will block a credential-stealing attack disclosed earlier in the day.

Those who rely on Apple's Safari, pre-IE10 editions of IE, Mozilla's Firefox and Opera Software's Opera, however, should hustle to the Adobe website to download and install the latest version of Flash, security experts advised.

"Unless you are running IE10, IE11 or Google Chrome you should look [at] this month's Adobe Flash fix as your second-highest priority," said Wolfgang Kandek, CTO of Qualys, in an email. "Google Chrome, IE10 and IE11 embed Adobe Flash and update it automatically, so in that case you and your users do not have to do that. Everybody else, Internet Explorer 9 and lower, Firefox and [Safari] users should update their Flash installation manually." His top priority for the day was a massive 24-patch Microsoft update for IE.

As Kandek noted, Microsoft and Google bake Flash into their browsers and so take on the responsibility of updating their software whenever Adobe issues security patches, as it did today. IE10 on Windows 8 and IE11 on Windows 8.1 -- the versions for the "Metro" mode -- include Flash; Windows 7 users must update Flash Player separately, however, as must those running Windows 8 or Windows 8.1 on the classic Windows desktop