Adobe

As predicted Adobe AIR for Android is now available in the Android Market. Go get it.

Adobe just released Reader and Acrobat version 9.4. The new release fixes some critical vulnerabilities which allow attackers to infect PCs – for example, just by browsing the net. Overall the update lists 23(!) entries in the CVE database as being solved with version 9.4. The new version is available for Windows, Mac OS X and Unix systems. For those who still use the version 8, Reader and Acrobat 8.2.5 for Windows and Mac fix the security vulnerabilities. Windows and Mac users can download the updated version at Adobes download center, while Unix users need to download the new release from Adobe’s ftp server. ...

Adobe fixed the vulnerability in Flash Player in a record time again. Just one week after the 0-day became public and started to get exploited, an update is available to close the security hole. Even though Adobe Reader and Acrobat are affected (which are supposed to get an update in 2 weeks), until now we’ve only seen exploits against the Windows Flash Player. Users and administrators should update their Flash Player as soon as possible! The version 10.1.85.3 fixes the issue for Windows, Unix, Solaris and is available through Adobe’s download center. Android users can get the update to 10.1.95.1 on the Android Market Place. ...

A malicious PDF file has turned up which exploits a new security vulnerability in Adobe Reader and Acrobat – even in the most current version 9.3.4 and 8.2.4, on all supported platforms. There is currently no update available from Adobe which fixes the vulnerability. The company is aware of the problem though. The weakness is a buffer overflow within the CoolType.dll of the Adobe Reader and Acrobat installation. While parsing a PDF document with specially prepared SING (Smart INdependent Glyphlets) fonts it is possible to abuse the vulnerability to execute malware. ...

It should go without saying that the best way to deal with malware is of course, not to get infected in the first place. Being aware of what products are being targeted by the bad guys may help you as well, so it may be useful to know that at the moment Adobe products are virtually the number one target across the world with millions of PCs being hit by infected Adobe PDFs. Others are being pwned via Adobe Flash ads via Facebook and other social media web sites. ...

Flash, sharply rejected by Jobs and Company, has moved on to Apple’s competitors, hoping for a warm welcome and the promise of a place in the mobile market. While Apple CEO Steve Jobs’ recent open letter deploring Adobe’s Flash managed to do little in terms of settling the argument as to who was right in the debate, it did point out many of the problems with the oft-buggy software that may indeed plague the smartphone experience. ...

Hey Admins…. It’s that time again. The second Tuesday is upon us and May so far hasn’t been demanding as far as patching goes. So far …. this month Microsoft has only issued two security announcements. MS10-030 and MS10-031. Microsoft has rated both as critical – and both could result in remote code being executed. MS10-030 resolves an integer overflow in POP3 & IMAP mail responses to Outlook Express and Windows Mail…. MS10-031 addresses a stack memory corruption related to the way that “Visual Basic for Applications” searches for ActiveX components, when host applications provide specially crafted files to the Visual Basic runtime. ...

Dear Microsoft, We’d like you to consider developing a PDF reader for your Windows OS. Something such as Apple’s Preview would be great: “To view a PDF file, just double-click it to open it in Preview.” Mac doesn’t require a third-party application to view PDFs, so why does Windows? Heck, you don’t even need to build it into the OS. Just make it an optional download such as your Save As PDF add-in for Office. ...

Although there’s a heated Adobe vs. Apple discussion going on, creative professionals are probably much more excited about the latest version of Adobe’s Creative Suite, which is now officially available. Besides the new versions of Photoshop, Illustrator, InDesign, Premiere Pro and Dreamweaver, Adobe Creative Suite 5 also brings Flash Player 10.1 and Adobe AIR® 2, which are “optimized for high performance on mobile screens and designed to take advantage of native device capabilities for a richer, more immersive user experience.” ...

Many patches are announced for tomorrow: The Redmond company expects to release 11 security bulletins. Of those 5 are rated critical, 5 important and 1 moderate. The patches belonging to the bulletins will close 25 security vulnerabilities in Windows, Exchange and in Office. Adobe plans to deliver security updates for critical vulnerabilities in Adobe Reader and Acrobat for all supported platforms tomorrow. Additionally, the automatic updater will be activated with the patches so in future updates get installed silent. ...