The dangerous Angler exploit kit has a new piece of ammunition to use in its attacks: a fresh Adobe Flash zero-day vulnerability.
Tag Archives: adobe
Adobe Patches Nine Vulnerabilities in Flash
Adobe patched Flash Player , addressing nine vulnerabilities in the software including critical bugs that could allow an attacker to take control of an affected system.
Upcoming Adobe Reader, Acrobat Update to Patch Sandbox Escape
Adobe announced security updates for Reader and Acrobat that likely include patches for a sandbox escape vulnerability. Google’s Project Zero released details and exploit code earlier this week.
Adobe Releases Emergency Flash Player Patch
Adobe released an emergency out-of-band Flash Player security bulletin, revising a patch released in October with an additional CVE addressing a memory corruption vulnerability.
Adobe gathers data from your eBook reader
Image from http://www.quickmeme.com
Security and privacy violations in Adobe’s Digital Editions eBook and PDF reader were discovered last week.
“This is a privacy and security breach so big that I am still trying to wrap my head around the technical aspects, much less the legal aspects,†researcher Nate Hoffelder wrote in The Digital Reader blog post.
If you check out eBooks from your local library and read from a digital reader like a Nook, Kobo, or other non-Amazon eBook reader, then you have probably used Adobe’s free Digital Editions software.
Hoffelder said that Adobe is gathering user data on the eBooks that have been opened, which pages were read, and in what order, as well as metadata such as title and publisher –and all of it is being sent to Adobe’s servers in plain text. That means anyone who is interested and has the means, say, the National Security Agency or your ISP, could be reading over your shoulder. That’s not good. In fact, it’s very bad, as well as illegal.
It is hoped that Adobe’s Tuesday update will include a plug for the Digital Editions leak, but more likely it will be next week. In a statement to the American Library Association, Adobe reports they “expect an update to be available no later than the week of October 20†in terms of transmission of reader data.”
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.
Big updates coming from Microsoft, Oracle and Adobe this Tuesday
Pour yourself a cup of coffee; this could take a while.
One of the biggest “Patch Tuesday†fixes is happening October 14, when vital updates will be available from three companies at the same time.
We are all used to the monthly Patch Tuesdays from Microsoft and Adobe, but this month the quarterly updates from Oracle, the parent of problem child Java SE, coincide, making it a pretty big day for securing your system. Avast experts agree that one of the most important steps you can take to securing your data and devices is to make sure that you keep your software up-to-date.
Microsoft
Microsoft leads off the normal Patch Tuesday with the release of 9 security updates across products including a critical patch of Internet Explorer, all supported versions of Windows, and the .NET development framework.
Oracle
Oracle’s Critical Patch Update is a collection of patches for multiple security vulnerabilities. It contains 155 new security fixes across hundreds of Oracle products; 25 of them for Oracle Java SE. Oracle warns that “these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. “ That’s not good, if you were wondering.
“I would suggest removing Java if possible or at least turning it off in all your browsers,” advises Jiri Sejtko, director of AVAST Virus Lab operations. Here are removal instructions for the most popular browsers: How do I disable Java in my browser?
Adobe
It is hoped that Adobe’s Tuesday update will include a plug for the big Digital Editions e-book and PDF reader hole, but more likely it will be next week. In a statement to the American Library Association, Adobe reports they “expect an update to be available no later than the week of October 20†in terms of transmission of reader data.
Tuesday’s patch will probably include a fix for bugs in Adobe Flash Player.
avast! Software Updater shows you an overview of all your outdated software applications, so you can keep them up to date and eliminate any security vulnerabilities. All avast! security products inform you whenever any of your 3rd party applications are out-of-date and you can apply updates manually by clicking the ‘Fix now’ button next to each conflicting application. avast! Premier can be configured to perform these updates automatically.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.
Microsoft Ready With Nine Bulletins, New Critical IE Patches
Microsoft published its Patch Tuesday advance notification, advising IT shops to be ready for nine bulletins, including three critical patches.
Archie Exploit Kit Targets Adobe, Silverlight Vulnerabilities
A relatively new exploit kit that exploits old versions of Adobe Flash, Reader and, Silverlight has begun to make the rounds.
Adobe Gets Delayed Reader Update Out The Door
Adobe released a new version of Reader and Acrobat, patching eight security vulnerabilities in the PDF reader. The patches were delayed a weeks because of issues during regression testing.
Adobe Patches Host of Memory Bugs in Flash Player
Adobe announced security updates and a new version of Flash Player for Windows, Mac and Linux; the company also announced it was postponing a scheduled update for Reader and Acrobat.