Feeds

Adobe lines up emergency Flash fix

Reader and Acrobat fixes to follow

Combat fraud and increase customer satisfaction

Adobe plans to release a patch for an unpatched cross-platform flaw in Flash on Thursday (10 June), as a partial response to a critical bug that has become the target of hacking attacks over recent days.

However, updates for Adobe Reader and Acrobat - which is also affected by the same zero-bug thanks to a vulnerable component that renders Flash files - will not be ready until June 29. In the meantime, users are advised to apply workarounds, as detailed in an updated advisory by Adobe here.

Adobe is trying to move its software patching practices towards releasing quarterly updates. But the severity of the latest Flash-related bug has forced it to tear up a planned timetable, and release updates to Reader and Acrobat (originally due on 13 July) a fortnight early.

A blog post by Brad Arkin, Adobe's director of product security and privacy, explains that the application developer decided the alternative approach of a one-off zero-day fix, followed by a full update two weeks later, was too confusing.

Flash Player 10.x for Windows, Mac and Linux is due on June 10. There's no date as yet for the release of Flash Player 10 for Solaris, a post by Adobe's security response team explains. ®

SANS - Survey on application security programs

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.