Articles about Adobe

Adobe security

Critical Adobe Reader and Acrobat patches FINALLY make it out

Adobe belatedly pushed out critical updates for its frequently-attacked Reader and Acrobat PDF software packages on Tuesday. Mac and Windows users of Adobe Reader XI (11.0.08) and earlier versions should update to version 11.0.09. Adobe Reader X (10.1.11) users who can't upgrade are being offered a patched version of the earlier …
John Leyden, 17 Sep 2014

Adobe swallows Aviary, hopes to stuff Creative Cloud into mobes

Adobe has gulped down editing app firm Aviary to beef up its mobile image-fiddling software with an eye on the professional crowd. Scott Preston, veep of the products community, said in a blog post that very little professional editing was done on mobile devices these days – and Adobe is hoping to change that. “While mobile has …
Adobe security

Second time's a charm: Adobe has another go at killing Flash hijack flaw

Ready to enjoy the Thanksgiving holiday? Can't wait to open your advent calendar? Not so fast – there's one more patch to install before the month is over. Adobe has posted an update for its Flash plugin, version 15.0.0.239, to address a critical remote-code-execution vulnerability. This will be the Photoshop giant's second …
Shaun Nichols, 25 Nov 2014
adobe

Everyone taking part in Patch Tuesday step forward. NOT SO FAST, Adobe!

Adobe has pushed back the release date for a planned security fix in Acrobat and Reader. The company said that the patch for both Windows and OS X versions of Reader and Acrobat due for tomorrow will instead arrive next week. The delay will give the company time to iron out problems spotted during testing, the company said in …
Shaun Nichols, 09 Sep 2014
Sorry we're closed

Adobe axes R&D lab in China, insiders blame mandarins and pirates

Adobe is closing the doors of its research and development facility in China – and some within the biz are reportedly blaming the recalcitrant attitude of the Chinese government for the move. "The overall climate in China against Western enterprises has been quite negative and that's one of the major reasons," the anonymous …
Iain Thomson, 25 Sep 2014
Adobe security

You've got three days to patch Adobe Flash, Air, Reader

Adobe has patched seven vulnerabilities in its Flash and Air platforms and one in Reader and Acrobat that is being exploited by attackers. The vulnerabilities could allow attacker to "take control of affected systems" dubbed critical by the company. Administrators were urged to apply the updates within three days on Windows, …
Darren Pauli, 13 Aug 2014

Adobe spies on readers: EVERY DRM page turn leaked to base over SSL

Adobe has tweaked its Digital Editions 4 desktop ebook reader to now encrypt the data it secretly sends back to headquarters – data that details a user's reading habits. Previously, information on every single tome accessed by Digital Editions 4 was phoned home unencrypted, allowing anyone eavesdropping on a network to intercept …
Iain Thomson, 23 Oct 2014
Adobe Shape vector art in position

Adobe unveils mobile app Cloud Atlas

Max 2014 Adobe’s Creative Cloud obsession hasn’t won over all its users, especially those with memories that stretch back as far as May this year when Adobe ID login credentials were refused in most parts of the globe. Yet the graphics behemoth has been busy joining the dots to make its Creative Cloud platform appear alluring to anyone …
Bob Dormon, 06 Oct 2014
Adobe Flash installer

Drink me: Adobe pours Flash Player bug squash

Adobe is pushing out a cross-platform security fix for a bug in its Flash Player that miscreants are already exploiting. Windows users running Adobe Flash Player 13.0.0.182 and earlier need to update it following the discovery of a zero-day attack. "Adobe is aware of reports that an exploit for CVE-2014-0515 exists in the wild …
John Leyden, 28 Apr 2014

Adobe CSO offers Oracle security lesson: Go click-to-play

Oracle could have saved mountains of cash and bad press if Click-to-Play was enabled before Java was hosed by an armada of zero day vulnerabilities, Adobe security boss Brad Arkin says. The simple fix introduced into browsers over the last year stopped the then zero day blitzkrieg in its tracks by forcing users to click a button …
Darren Pauli, 16 Oct 2014

Adobe appoints former Reg man as open-source chief mobile lead

Adobe, maker of such renowned proprietary products as Flash Player and Creative Suite, has hired a career open-sourcer to lead mobile marketing. Matt Asay has quietly been appointed Adobe’s vice president of mobile for the firm’s digital marketing business, The Reg has learned. He left his post as vice president of community at …
Gavin Clarke, 14 Nov 2014

Adobe Reader sandbox popped says Google researcher

The Acrobat Reader Windows sandbox contains a vulnerability that could allow attackers to break out and gain higher privileges, Google security bod James Forshaw claims. The NTFS junction attack is a "race condition" in the handling of the MoveFileEx call hook Forshaw said. While unpatched, subsequent September updates made the …
Darren Pauli, 27 Nov 2014
Apple's Aperture

Apple abruptly axes Aperture ... Adobe anxiously awaits arrivals

Apple is reportedly ending development of its Aperture photo-tweaking software. The iThing maker said on Friday, via The Loop, that it will be ending development of Aperture and, starting next year, migrating users to its Photos application. Designed as a pro counterpart for iPhoto, Aperture was introduced in 2005. The …
Shaun Nichols, 28 Jun 2014

Graphics pros left hanging as Adobe Creative Cloud outage nears 24 hours

Updated Adobe is struggling to correct a global outage that has already locked customers out of its Creative Cloud online services for nearly 24 hours. The Photoshop maker first tweeted that users were unable to login to their Adobe accounts at 2:22pm Pacific time on Wednesday, and the service was still offline as of 1pm on Thursday. …
Neil McAllister, 15 May 2014
IE8 patch

Back-to-school Patch Tuesday: Critical updates for Internet Explorer, Adobe Reader

Microsoft is planning a light edition of Patch Tuesday for September with just four bulletins, only one of which covers critical vulnerabilities. But an upcoming Adobe critical update for its Reader software around the same time means sysadmins are still likely to have their hands full next Tuesday. The sole critical update for …
John Leyden, 05 Sep 2014

Adobe spies on readers: 'EVERY page you turn, EVERY book you own' leaked back to base

Updated Adobe's Digital Editions 4 ebook reader software collects detailed information about the reading habits of its users – and sends it back to the company in a format that's easy for others to slurp. An investigation by Nate Hoffelder of The Digital Reader blog showed that ADE 4 was collecting telemetry on which pages of ebooks …
Iain Thomson, 07 Oct 2014

Adobe spies on reading habits over unencrypted web because your 'privacy is important'

Adobe confirmed its Digital Editions software insecurely phones home your ebook reading history to Adobe – to thwart piracy. And the company insisted the secret snooping is covered in its terms and conditions. Version 4 of the application makes a note of every page read, and when, in the digital tomes it accesses, and then …
Iain Thomson, 08 Oct 2014
Office 365 video portal

Microsoft adds video offering to Office 365. Oh NOES, you'll need Adobe Flash

Microsoft has added a video portal to Office 365, enabling users to upload and share videos. The service will be in preview soon, and available to all customers with the right kind of subscription in early 2015. So what is the point, when YouTube does this so well? The idea is to manage internal videos with permissions based on …
Tim Anderson, 19 Nov 2014

Adobe Flash: The most INSECURE program on a UK user's PC

Adobe Flash Player was the most insecure program installed on UK computer users PCs throughout the second quarter of 2014, according to stats from vulnerability management firm Secunia. Nearly seven in 10 (69 per cent) UK PC users were found to have an end-of-life version of Adobe Flash Player 13 installed during Q2 2014. Users …
John Leyden, 10 Jul 2014
adobe

Adobe goes out of band to fix frightful Flash flaw

Adobe has issued an out-of-band fix to address what the company warns is an actively-targeted vulnerability in its Flash media plug-in. The company said that the Flash 12.0.0.44 update would address a remote code execution vulnerability present in the Windows, OS X, and Linux versions of Flash Player. Users running Chrome and …
Shaun Nichols, 05 Feb 2014

Cortana, remind me to patch Windows, IE, and Adobe gear next Tues

Microsoft will release eight security updates next Tuesday to squash remote-code execution bugs in Windows and Internet Explorer among other flaws. Meanwhile, Adobe will issue new versions of Acrobat and Reader for this month's Patch Tuesday. Two of the security updates from Microsoft are rated as critical because they allow …
Shaun Nichols, 09 May 2014

Adobe blames 'maintenance failure' for 27-hour outage

Adobe has blamed a maintenance failure for the 27-hour outage in its Creative Cloud suite that left video and photo editors unable to log into online services. “The failure happened during database maintenance activity and affected services that require users to log in with an Adobe ID,” Adobe said in a blog post apologising for …
bug on keyboard

Didn't you know? Today's Patch Thursday! Adobe splats hijack bug in Shockwave Player

Adobe has updated its Shockwave Player to close a security hole that could allow hackers to hijack vulnerable Windows and OS X computers. The Photoshop giant said version 12.1.150 will address a flaw that enables an attacker to potentially remotely control a targeted system: a malicious file opened by Shockwave could exploit a …
Shaun Nichols, 13 Mar 2014
EMET

Microsoft hacks out new EMET, spits out Adobe Flash

Microsoft has emitted a new version of EMET – its Enhanced Mitigation Experience Toolkit. Redmond often recommends deployment of EMET as a frontline defence against attacks, so the release of a new version is noteworthy. The big two enhancements that Microsoft is talking up the loudest are an improved Attack Surface Reduction ( …
Simon Sharwood, 04 Aug 2014
LG Optimus 2X

Android busted for carrying Fake ID: OS doesn't check who really made that 'Adobe' plugin

Google Android allows malware to masquerade as legit, trusted apps thanks to weaknesses in the way the operating system checks digital certificates of authenticity. The flaw, dubbed Fake ID by its discoverers at Bluebox Security, affects all versions of Android from 2.1 (released in 2010) up to Android 4.4. Although Google …
Iain Thomson, 29 Jul 2014
adobe

Buggy software in need of patching? Hey, we got that right here – Adobe

Adobe has released a batch of scheduled security fixes to address critical flaws in its Flash Player and ColdFusion products. The company said the updates will tackle a pair of security vulnerabilities in the two platforms which could be exploited remotely by attackers. For Flash Player, the update applies to Windows, Linux and …
Shaun Nichols, 13 Nov 2013
Oracle headquarters

Done with Microsoft and Adobe patches? Good, here's Oracle's load

Oracle is piling on this month's Patch Tuesday with a collection of security fixes for 16 of its enterprise software platforms. Among the massive wad of updates will be a package of 25 bug fixes for Java SE, 22 of which are remotely exploitable without authentication and 12 of which allow an attacker to take complete control of …
Shaun Nichols, 15 Oct 2014

Patch Tuesday: Adobe outdoes Microsoft, swats 18 bugs in latest update

Administrators and end users are being advised to update their systems following a set of Patch Tuesday releases from Microsoft and Adobe, which address more than 30 security flaws combined. Adobe said that its monthly update will include patches for its Flash, Reader, and Acrobat platforms, as well as an update for Illustrator …
Shaun Nichols, 13 May 2014
Borked computer keyboard

Adobe users' purloined passwords were PATHETIC

Adobe's security breach just got worse for the company and the world, after a security researcher revealed that 1.9 million of the company's customers us the string “123456” as their password. The researcher in question is Jeremi Gosney of the Stricture Group, whose Twitter profile claims The Reg has in the past labelled him a “ …
Simon Sharwood, 05 Nov 2013
bug on keyboard

Patch Tuesday brings Microsoft fixes and Adobe Shockwave update

Microsoft and Adobe have delivered the February edition of their monthly security updates. The two firms kicked off the second Patch Tuesday of the year by each releasing fixes for critical vulnerabilities that could allow for remote code execution. For Microsoft, the monthly release consists of six bulletins which address a …
Shaun Nichols, 12 Feb 2014
The before and after effects promised by Dove's fake Photoshop action

Adobe all smiles as beret bods spaff cash on non-cloud Creative Suite

A late rally from Adobe customers wanting to buy software on a perpetual license before that option closed this month, coupled with a swelling base of cloudy converts, helped boost the developer's coffers in its fiscal second quarter. Adobe turned over $1.07bn in revenues in the three-month period ended 30 May, up from $1.01bn a …
Paul Kunert, 18 Jun 2014

Apple, Google, Intel, Adobe, settle employee-fiddling class action suit

A series of secret pacts among some of the biggest employers in Silicon Valley to cheat their staffers could turn out to be a rather expensive mistake, with Apple, Google, Intel, and Adobe now agreeing to settle the antitrust class-action lawsuit out of court. "This is an excellent resolution of the case that will benefit class …
Iain Thomson, 25 Apr 2014
frustration_anger_irritation_annoyance pain

Adobe Creative Cloud 2014: Progress and pain in the usual places

Comment Remember when software product upgrades were a big thing? Balloons, keyrings, parties? Today, they’re slipped under the door furtively like a pizza takeaway price list. And so it is with Adobe’s announcement today of what’s new in Creative Cloud: lots of PR singing by email, but no actual dancing seems to be taking place. When …
Alistair Dabbs, 19 Jun 2014
Adobe Photoshop Mix

EXPLICIT PICS: We take you inside Adobe's Creative Cloud update

Adobe has announced a revamp of its Creative Cloud suite, updating 14 core apps and adding new mobile apps and hardware too. Adobe Ink and Slide Adobe Ink and Slide hardware for iPad made in collaboration with Adonit Despite bringing many a creative business to its knees last month with its Adobe ID authentication snafu, the …
Bob Dormon, 18 Jun 2014

Security holes in Word, the Windows kernel and Adobe Flash. Party like it's Patch Tuesday again

Flaws in Microsoft Word and Office Web Apps that allow hackers to execute malicious code on vulnerable systems have been fixed in Redmond's latest monthly batch of security bug fixes. In addition, two bugs at the kernel level of Windows XP and 7, and Server 2003 and 2008 R2, allow logged-in attackers to escalate their privileges …
Shaun Nichols, 15 Jan 2014
The Register breaking news

Adobe marketing cloud now to rain spam following Neolane slurp

Adobe has said that it will slurp up digital marketing software firm Neolane into its marketing cloud for $600m in cold, hard cash. Neolane, which operates a software platform for managing digital marketing campaigns across web, email, social and other channels, will be shoved into the Adobe Marketing Cloud, the firm said. The …

A-D'OH!-BE: Adobe hit by 'sophisticated' MEGA HACK RANSACK

Adobe's systems have been hit by numerous "sophisticated attacks" that have compromised the information of 2.9 million customers, and accessed the source code of Adobe products. The company said on Thursday that it has been the victim of a major cyberattack and said hackers had accessed those millions of customer IDs and …
Jack Clark, 03 Oct 2013
Facebook logo

Facebook makes Adobe fans change their horrible, horrible passwords

Facebook has scanned millions of email address and password pairs hackers dumped online from Adobe's user account database – so that it can force its social networkers to change their passwords if they used the same logins details for both websites. Late last month, Adobe warned of "sophisticated attacks" on its network in which …
Shaun Nichols, 12 Nov 2013
Disney's Beagle Boys

Three million Adobe accounts hacked? Sorry, make that 38 MILLION

Remember that Adobe security breach earlier this month that leaked the account records of some 3 million customers? Scratch that: the actual number hacked was at least 38 million, it has emerged. In early October, Adobe warned of "sophisticated attacks" on its network in which hackers gained access to data for what was then …
Neil McAllister, 30 Oct 2013

New Flash vuln exploited (again). Adobe posts emergency fix (again)

Adobe has released an update to address critical flaws in its Flash Player software, one of which is being actively targeted in the wild. The company said that the Windows and Mac OS X builds of Flash Player 12.0.0.44 and earlier, and Flash Player 11.2.202.336 and earlier for Linux, must be upgraded to fix a trio of bugs. Adobe …
Shaun Nichols, 20 Feb 2014
The Register breaking news

Adobe squashes TWO critical Flash vulnerabilities with emergency patches

Adobe published a critical Flash Player update on Tuesday to fix three exploits, two of which are under active attack by hackers. Two of the three vulnerabilities are being used by nefarious folk, Adobe said, and one of these two explicitly targets the Firefox browser. Adobe introduced the Flash Player sandbox a year ago to …
Jack Clark, 27 Feb 2013
A storm is brewing (Mali, Sahel). Foto: F. Guichard & L. Kergoat, AMMA project, CNRS copyright.

Adobe's Creative Cloud fails at being a cloud

The file-syncing part of Adobe's new Creative Cloud family of technologies has been intermittently broken for a week, taking the "cloud" part out of Adobe's "Creative Cloud" redesign of its products. Now Adobe is suspending it "for the next couple of weeks" to make updates. The sync feature, which means files being fiddled with …
Jack Clark, 17 May 2013

Adobe scrambles to revoke stolen cert

Adobe has revealed an attack that compromised some of its software development servers, resulting in its code signing certificate being used to disguise malware as Adobe software. The attackers compromised a build server, Adobe says in this statement, which had “access to the Adobe code signing infrastructure”. The build server …
The Register breaking news

Patch Tuesday deja vu: Adobe patches Flash ... again

Adobe yesterday released a Flash Player update just one week after its patch Tuesday release, providing a bit of extra hassle for admins for the second Tuesday in a row. The latest (APSB12-19) update for Adobe Flash and Adobe AIR addresses six cross-platform flaws in Adobe Flash Player for Windows, Mac OS X, Linux and Android …
John Leyden, 22 Aug 2012
The Register breaking news

Adobe investigating attacks on PDFs using zero-day flaw

Vulnerability researchers at FireEye are reporting that Adobe's Reader software has a zero-day flaw that hackers are already exploiting in the wild. FireEye flaw You've been pwned (click to enlarge) The flaw is found in Adobe Reader 9.5.3, 10.1.5, and 11.0.1 and involves sending a specially crafted file to the target. …
Iain Thomson, 14 Feb 2013
The Register breaking news

'Better than Adobe' Foxit PDF plugin hit by worse-than-Adobe 0-day

A new security bug in the popular Foxit PDF reader plugin for web browsers allows miscreants to compromise computers and install malware. There's no patch for this zero-day vulnerability. Italian security researcher Andrea Micalizzi discovered that the latest version of the software crashes if users are tricked into clicking on …
John Leyden, 11 Jan 2013
The Register breaking news

Adobe plugs up buffer overflow holes in Shockwave update

Adobe released a patch for its Shockwave Player software on Tuesday, addressing six security vulnerabilities that might easily lend themselves to malware-pushing exploits. Shockwave Player 11.6.7.637 and earlier versions on both Windows and Mac need updating to the latest version: Shockwave Player 11.6.8.638. Adobe said it was …
John Leyden, 24 Oct 2012
The Register breaking news

Adobe punts fix for Reader, Acrobat holes battered by PC, Mac hackers

Adobe has pushed out an emergency security update for its PDF viewing software Reader and Acrobat to plug zero-day vulnerabilities that emerged last week. The cross-platform update, issued yesterday, addresses flaws that were being actively exploited by miscreants to compromise and take over Microsoft Windows and Apple Mac OS X …
John Leyden, 21 Feb 2013

CryptoLocker creeps lure victims with fake Adobe, Microsoft activation codes

Miscreants have brewed up a variant of the infamous CryptoLocker ransomware that uses worm-like features to spread across removable drives. The recently discovered CRILOCK-A variant can spread more easily than previous forms of CryptoLocker. The latest nasty is also notable because it comes under previously unseen guises - such …
John Leyden, 02 Jan 2014
The Register breaking news

Adobe Reader 0-day exploit surfaces on underground bazaars

Miscreants have reportedly discovered a zero-day vulnerability in latest version of Adobe Reader. Exploits based on the vulnerability, which circumvents sandbox protection technology incorporated into Adobe X and Adobe XI, are on sale in underground forums. Pricing starts at a hefty $30,000 but the exploit has already made its …
John Leyden, 08 Nov 2012