Software-Programming

Adobe has released the emergency update for Reader and Acrobat that it promised late last week.

The company decided to get a move on to deal with a newly-reported vulnerability that was actively being exploited, at least on Windows and the Mac.

The timeline has been pretty swift:

    2012-02-12: Bug reported in a blog post by FireEye. Details scant.
    2013-02-13: Adobe publishes a security bulletin, including a workaround for Windows users.
    2013-02-17: (Weekend) Adobe announces patch "next week."
    2013-02-20: Patch is released.

Whenever Google releases a new version of Android for its Nexus devices, it doesn’t roll out to everyone at once. It may take several days before your device receives the update, but you don’t have to wait.

Note that this only works if an OTA (over-the-air) update is actually available – for example, if you’ve got a Nexus 4 running Android 4.2.1 and you haven’t yet received a notification to update to Android 4.2.2. This won’t help if you’re using an Android device that isn’t receiving updates.

 Firefox has been fast and furiously releasing new versions, foregoing the standard dot releases and going with a "rapid release" ever since 2011. Over the past two years we've gone from version 4 all the way to version 18. The latest version, 19, is expected to be officially released tomorrow and will include the ability to view PDF files natively within the browser.

A Florida personal injury lawyer has filed a Federal lawsuit against Hewlett-Packard on behalf of rock and roll icon Ernest Evans, better known as Chubby Checker, over an app developed for webOS that "adversely affects Chubby Checker's brand and value and if allowed to continue, will cause serious damage to the Plaintiff's goodwill and will tarnish his image that he has worked to maintain over the last 50 years." That app, called the "Chubby Checker," allows users to enter a man's shoe size to estimate the size of his penis. Evans' attorney is seeking half a billion dollars in damages.

Adobe released security updates for Flash Player and Shockwave Player on Tuesday in order to address a total of 19 vulnerabilities affecting the two products.

New stand-alone versions of Flash Player 11 were released for Windows, Mac, Linux and Android. The Flash Player plug-ins bundled with Google Chrome and Internet Explorer 10 will be automatically updated through the update mechanisms of the two browsers.

 Neglecting security during a development can be a big mistake, argues Norman Begg of password management specialist my1login

This article first appeared in issue 235 of .net magazine – the world's best-selling magazine for web designers and developers.

In the 1990s, client-server was king. The processing power of PCs and the increasing speed of networks led to more and more desktop applications, often plugging into backend middleware and corporate data sources. But those applications, and the PCs they ran on, were vulnerable to viruses and other attacks. When applications were poorly designed, they could leave sensitive data exposed.

There is no doubt that in 2013 we will continue to see mobile application risk increasing. As enterprises continue to allow personal devices into the corporate environment, we will see the quantity of mobile applications growing while the understanding of the risks associated with these applications will decrease.

If you bought Verizon's first 4G phone, start checking for updates now: the carrier has finally approved the Android 4.0 update (codenamed Ice Cream Sandwich) for the HTC Thunderbolt. The only problem? The Thunderbolt has been on the market since March of 2011, and Ice Cream Sandwich came out seven months later in October—not exactly a great turn-around time.

Mozilla will add a feature to its Firefox web browser that limits the behaviour of web plugins.

Announced in a Mozilla blog post, Click to Play will "put users in control" according to Mozilla, and wrest the behaviour of their computers out of the hands of other firms and their software.