Skip to main content

Adobe

McAfee spots Adobe Reader PDF-tracking flaw

posted onApril 29, 2013
by l33tdawg

McAfee said it has found a vulnerability in Adobe Systems' Reader program that reveals when and where a PDF document is opened.

The issue is not a serious problem and does not allow for remote code execution, wrote McAfee's Haifei Li in a blog post. But McAfee does consider it a security problem and has notified Adobe. It affects every version of Adobe Reader, including the latest version, 11.0.2, Li wrote.

The Evolution of Exploit Sophistication

posted onApril 5, 2013
by l33tdawg

When we look at the exploits that Adobe patched from February and March of this year, it is clear that today’s zero-day exploits are increasingly more sophisticated. This increase in sophistication is not limited to the skills needed to find and exploit the vulnerability. The code used to exploit the environment is also more robust in terms of code quality and testing. In short, exploit creation today requires the same level of rigor as professional software engineering projects.

Why did Apple hire Adobe CTO Kevin Lynch?

posted onMarch 20, 2013
by l33tdawg

Just hours after word leaked that Apple had poached Adobe's chief technology officer, the Internet is ablaze with the question of what, exactly, the iPhone maker plans to do with Kevin Lynch.

Lynch is particularly interesting as an executive choice for Apple because of his close association with Adobe Flash, a product he infamously clashed with Apple over, beginning in 2010.

Adobe Issues Patch as Hackers Attack Flash Yet Again

posted onFebruary 27, 2013
by l33tdawg

This is getting out of hand. For the second time this month, Adobe has issued an urgent warning telling users of its Flash plug-in to download a patch as soon as possible to avoid dangerous attacks by hackers.

Tuesday’s surprise update patches holes "that could cause a crash and potentially allow an attacker to take control of the affected system," Adobe said in a security bulletin. Although anyone who runs flash on a PC or Mac should install the patch as soon as possible, it’s even more urgent to do so if you’re using Mozilla’s Firefox browser, Adobe said.

Adobe's emergency patch for Reader and Acrobat is here

posted onFebruary 21, 2013
by l33tdawg

Adobe has released the emergency update for Reader and Acrobat that it promised late last week.

The company decided to get a move on to deal with a newly-reported vulnerability that was actively being exploited, at least on Windows and the Mac.

The timeline has been pretty swift:

    2012-02-12: Bug reported in a blog post by FireEye. Details scant.
    2013-02-13: Adobe publishes a security bulletin, including a workaround for Windows users.
    2013-02-17: (Weekend) Adobe announces patch "next week."
    2013-02-20: Patch is released.

Adobe to patch Reader zero-day this week

posted onFebruary 18, 2013
by l33tdawg

Adobe on Saturday said it would release an emergency patch for two Reader zero-day vulnerabilities this week.

Hackers have already been exploiting the bugs using rigged PDF documents sent as email attachments. "Adobe plans to make available updates for Adobe Reader and Acrobat ... during the week of February 18, 2013," the company said in its security incident response team's blog Saturday.

Adobe reviews report of another security bug

posted onFebruary 14, 2013
by l33tdawg

Adobe is investigating a report by a cyber security firm that hackers exploited previously unknown bugs in its Reader and Acrobat software to launch sophisticated attacks on PCs.

FireEye, a Silicon Valley company that helps businesses fight cyber attacks, said it obtained PDF files tainted with malicious software, which can take advantage of the newly discovered bugs. It declined to identify any victims of the attacks.

Adobe releases patches for Flash Player and Shockwave Player

posted onFebruary 13, 2013
by l33tdawg

Adobe released security updates for Flash Player and Shockwave Player on Tuesday in order to address a total of 19 vulnerabilities affecting the two products.

New stand-alone versions of Flash Player 11 were released for Windows, Mac, Linux and Android. The Flash Player plug-ins bundled with Google Chrome and Internet Explorer 10 will be automatically updated through the update mechanisms of the two browsers.