Tag: Adobe

More details are available via the link below.  If you have Adobe Flash installed, the update released yesterday (26 Feb) needs to be installed ASAP.   Download Patch -> http://www.adobe.com/support/security/ Article -> http://www.theregister.co.uk/2013/02/27/adobe_issues_two_critical_flash_vuln_patches/

Still reading over the details but Packet Storm is reporting that Adobe has confirmed a zero day exploit in Adobe Reader.  I don't see an update available yet on the Adobe site but I've included the link below to the Adobe site for the updates.  I've also included a link to the article: Article Adobe Updates

Adobe has released security updates for Adobe Flash Player 11.5.502.110 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.251 and earlier versions for Linux, Adobe Flash Player 11.1.115.27 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.24 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.  More information available here

Details are sparse at this point but the linked article has a video demonstrating the vulnerability being exploited.  According to the article, this vulnerability a) affects even fully up-to-date installations of Adobe Acrobat b) with Protected Mode on and c) with Javascript disabled.  Additional details are sure to come but, for now, be extremely cautious with PDF files. http://arstechnica.com/security/2012/11/zero-day-attack-reportedly-pierces-key-adobe-reader-defense

Adobe posted an update for all platforms addressing a vulnerability in their Flash Player.  Details are in the linked article but the short story is that, if you've got Adobe Flash player installed, you'll want to install the update.    Article on V3 Article on US CERT

According to this article at ZDNet, it looks like Microsoft and Adobe may be in the process of syncing up their patch release cycles (in reality, this looks more like Microsoft is going to continue business as usual and Adobe is going to begin releasing regular updates in concert with the Microsoft monthly updates).  This would be significant because many Microsoft users are already 'conditioned' to look for updates on the second Tuesday of each month (Patch Tuesday).  Adobe is, by most counts, the number 2 target for viruses and malicious software and it's high rate of compromise can be directly attributed to users just not installing updates (how many of you still have Adobe Reader 10, or Adobe Reader 9 or earlier?).   We see a considerable spike in…

On 8 October, Adobe released an update to address a vulnerability in it's Adobe Flash Player that can enable an attacker to crash or compromise vulnerable systems.  The vulnerability affects Flash Player on Windows, Mac, Linux and Android.  All users are encouraged to update.  From the Adobe article: Adobe has released security updates for Adobe Flash Player 11.4.402.278 and earlier versions for Windows, Adobe Flash Player 11.4.402.265 and earlier versions for Macintosh, Adobe Flash Player 11.2.202.238 and earlier for versions for Linux, Adobe Flash Player 11.1.115.17 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.16 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system http://www.adobe.com/support/security/bulletins/apsb12-22.html

On 21 August, Adobe released an update that addressed a critical vulnerability in the Adobe Flash Player.  All users are encouraged to install the update as soon as possible.  The vulnerability affects Flash across all supported platforms (including Android).  Additional details can be found at the link below.   https://www.adobe.com/support/security/bulletins/apsb12-19.html