Adobe, Microsoft Patch Critical Security Bugs

Adobe has pushed out a critical update to plug at least 52 security holes in its widely-used Flash Player browser plugin, and another update to patch holes in Adobe Reader. Separately, Microsoft released 11 security updates to fix vulnerabilities more than 40 flaws in Windows and related software. First off, if you have Adobe Flash Player … Читать далее

Adobe, Microsoft Push Security Updates

Adobe and Microsoft today each released software updates to fix serious security flaws in their products. Adobe pushed an update that plugs a pair of holes in its Flash Player software. Microsoft issued five updates, including one that addresses a zero-day vulnerability in Internet Explorer that attackers have been exploiting of late. Microsoft’s five bulletins … Читать далее

Help Keep Threats at Bay With ‘Click-to-Play’

Muzzling buggy and insecure Web browser plugins like Java and Flash goes a long way toward blocking attacks from drive-by downloads and hacked or malicious Web sites. But leaving them entirely unplugged from the browser is not always practical, particularly with Flash, which is used on a majority of sites. Fortunately for many users, there … Читать далее

Adobe Ships Security Patches, Auto-Update Feature

Adobe today issued more than a dozen security updates for its Acrobat and PDF Reader programs, including a feature update that will install future Reader security updates automatically. In addition, Adobe has shipped yet another version of its Flash Player software to fix a critical security flaw. No doubt some will quibble with Adobe’s move … Читать далее

Flash Player Patch Fixes Zero-Day Flaw

Adobe released an emergency security update today to fix a vulnerability that the company warned is being actively exploited in targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message. The vulnerability — a cross-site scripting bug that could be used to take actions on a user’s … Читать далее

Critical Flash Player Update Plugs 11 Holes

Adobe has released another batch of security updates for its ubiquitous Flash Player software. This “critical” patch fixes at least 11 vulnerabilities, including one that reports suggest is being exploited in targeted email attacks. In the advisory that accompanies this update, Adobe said “there are reports of malware attempting to exploit one of the vulnerabilities, … Читать далее

Rap Sheets on Top Software Vendors

A new online resource aims to make it easier to gauge the relative security risk of using different types of popular software, such as Web browsers and media players. Last month, I railed against the perennial practice of merely counting vulnerabilities in a software product as a reliable measure of its security: Understanding the comparative … Читать далее

Security Updates for Firefox, Opera Browsers

Mozilla has shipped a new version of Firefox that corrects a number of vulnerabilities in the browser. Separately, a new version of Opera is available that fixes at least five security flaws in the software. Firefox version 3.6.4 addresses seven security holes ranging from lesser bugs to critical flaws. Mozilla says this latest version of … Читать далее

Revisiting the Eleonore Exploit Kit

Not long after I launched this blog, I wrote about the damage wrought by the Eleonore Exploit Kit, an increasingly prevalent commercial hacking tool that makes it easy for criminals to booby-trap Web sites with malicious software. That post generated tremendous public interest because it offered a peek at the statistics page that normally only … Читать далее

Opera Plugs ‘Extremely Severe’ Security Hole

The makers of the Opera Web browser are urging users to apply an update that fixes what the company described as an “extremely severe” security flaw in Windows and Mac versions of the software. The vulnerability is fixed in the latest version, v. 10.53, available from this link. Alternatively, Opera users can click “Help” then … Читать далее