Foxit patches critical vulnerability in PDF viewer browser plug-in
Foxit released version 5.4.5 of its Foxit Reader PDF viewer plug-in on Thursday in order to address a critical remote code execution vulnerability that could have allowed attackers to compromise...
View ArticleJava tops 2012 list for most dangerous software flaws
Adobe, Apple were behind the most software flaws in 2012, but Oracle’s Java was the most exploited and dangerous software for the year, according to research by Kaspersky Lab.
View ArticleAdobe releases emergency patch for Windows and OS X systems
Adobe recently released an emergency update for Flash Player on all platforms after two zero-day bugs were discovered in the wild targeting Windows and Mac OS X computers. The vulnerabilities allowed...
View ArticleAdobe 0-days used for IEEE aerospace spearphishing attacks
Attackers using the zero day Adobe Flash flaws patched last week delivered the exploits with a spearphishing email aimed at the aerospace sector, according to security researchers.
View ArticleAdobe adds anti-spearphishing feature for Word embedded Flash
Scheduled update fixes 17 critical flaws in Flash, two in Shockwave and adds ‘Click to Play’ auto-launch check for embedded Flash in Office documents.
View ArticleZero-day PDF exploit affects Adobe Reader 11 and earlier versions,...
Researchers from security firm FireEye claim that attackers are actively using a remote code execution exploit that works against the latest versions of Adobe Reader 9, 10 and 11.
View ArticleAdobe confirms zero-day exploit bypasses Adobe Reader sandbox
A recently found exploit that bypasses the sandbox anti-exploitation protection in Adobe Reader 10 and 11 is highly sophisticated and is probably part of an important cyberespionage operation, the head...
View ArticleAdobe ‘Protected Mode’ PDF Reader 0-day fix due ‘this week’
Adobe says it will release a patch this week for two previously unseen vulnerabilities that allowed hackers to bypass its ‘Protected Mode’ sandboxing security in Reader and Acrobat X and XI.
View ArticleAdobe Reader PDF 0-days now used in Mandiant report spearphish
Hackers are using a fake PDF version of a fresh report into Chinese military espionage for a spearphishing campaign that appears to be aimed at Chinese journalists and Japanese-speakers with...
View ArticleHackers attack weakness in Adobe's Flash Firefox plugin sandbox
It’s been a tough month for Adobe, which has for the second time this month had to release an out of band patch to address flaws affecting its sandboxing implementations.
View ArticleThird time's the charm? Adobe patches even more critical Flash vulnerabilities
On Tuesday, Adobe released yet another security patch for Flash player, addressing several critical vulnerabilities that would allow attackers to take control of affected computers. The update is for...
View ArticleA reason to update? 23 nations, 10 days, one Reader exploit
A malware assault on several governments, exploiting a recently closed Adobe Reader flaw, highlight the importance of applying software updates swiftly -- particularly for government staff, if they're...
View ArticleHow I ditched the security risks and lived without Java, Reader, and Flash
Adobe Flash, Adobe Reader, and Oracle's Java. All three are virtually ubiquitous on modern-day PCs, and all three provide handy-dandy functionality--functionality that, in the case of Flash and Java,...
View ArticleScary flaw makes your USB ports a major security risk
It's the second Tuesday in March, which means that it's also the third Patch Tuesday of 2013. Microsoft released seven new security bulletins today, with four rated as "critical," but security experts...
View ArticleMost Java-enabled browsers vulnerable to widespread Java exploits, Websense says
Most browser installations use outdated versions of the Java plug-in that are vulnerable to at least one of several exploits currently used in popular Web attack toolkits, according to statistics...
View ArticlePatch Tuesday leaves Internet Explorer zero day untouched
It's Patch Tuesday time again. This month Microsoft has unleashed nine new security bulletins. Nine is a reasonably high number of updates, however, only two of them are rated as Critical. So, it's...
View ArticleAdobe warns customers of unpatched critical flaw in ColdFusion
Adobe has warned users of its ColdFusion application server platform of a critical vulnerability that could give unauthorized users access to sensitive files stored on their servers.
View ArticleSoftware vendors should respond to actively attacked vulnerabilities within...
Google wants vendors to fix or offer mitigation advice for previously unknown and actively exploited software vulnerabilities within seven days of their discovery.
View ArticleSecurity experts weigh in on Patch Tuesday priorities
It's Patch Tuesday--the sixth one of 2013. As far as Patch Tuesdays go, June is relatively light--with a mere five security bulletins, and only one rated as Critical--but that's no reason to let your...
View ArticleU.S. consumers not buying web advertisers' 'relevance' argument for tracking
Marketers and advertisers constantly say that their practice of tracking us as we move around the web is a good thing because it lets them present us with more relevant ads and site content. But a new...
View Article
