Adobe released security updates for Flash, Reader and Acrobat, patching 52 vulnerabilities.
Tag Archives: adobe security
Security Updates Coming for Adobe Reader, Acrobat
Adobe released pre-notification of security updates coming next week for its Reader and Acrobat products. The updates will address critical vulnerabilities in both products, Adobe said.
Adobe Starts Vulnerability Disclosure Program on HackerOne
Adobe launched its first vulnerability disclosure program this week. It will use the HackerOne platform and will not pay out bounties, instead researchers can bulk up their HackerOne reputation scores. Only vulnerabilities in Adobe web applications or web-based services are in scope.
Flash Zero Days Dominate Exploit Landscape
The recent Flash zero-day vulnerabilities and exploits have uncovered the relatively quiet Hanjuan exploit kit, and further exposed the dangers of malvertising.
Adobe Begins Patching Third Flash Player Zero Day
Adobe has begun distributing an emergency update for Flash Player that patched the third of three zero-day vulnerabilities under attack.
Latest Flash 0Day Under Attack; Possible Ties to Group Behind Angler EK
The third Adobe Flash Player zero day in two weeks is also currently under attack. Researchers at Trustwave found an exploit for it in the HanJuan exploit kit, which could be tied to the group behind the Angler kit.
Adobe Begins Auto-Update Patching of Second Flash Player Zero Day
Adobe on Saturday began patching a zero-day vulnerability in Flash Player for auto-update users, exploits for which have been included in the notorious Angler Exploit Kit.
Upcoming Adobe Reader, Acrobat Update to Patch Sandbox Escape
Adobe announced security updates for Reader and Acrobat that likely include patches for a sandbox escape vulnerability. Google’s Project Zero released details and exploit code earlier this week.
Sandbox Escape Bug in Adobe Reader Disclosed
Details and exploit code for a vulnerability in Adobe Reader have surfaced and the bug can be used to break out of the Reader sandbox and execute arbitrary code. The bug was discovered earlier this year by a member of Google’s Project Zero and reported to Adobe, which made a change to Reader that made it […]
Microsoft Ready With Nine Bulletins, New Critical IE Patches
Microsoft published its Patch Tuesday advance notification, advising IT shops to be ready for nine bulletins, including three critical patches.