Adobe has addressed a critical vulnerability in its Creative Cloud desktop application that can be exploited by hackers to delete arbitrary files. Adobe has fixed a critical vulnerability in its Creative Cloud desktop application that can be exploited by attackers to delete arbitrary files. Creative Cloud is a collection of 20+ desktop and mobile apps

byJohn E DunnNotice anything missing from last week’s Microsoft Patch Tuesday?Obscured by a long list of Microsoft patches and some fuss about a missing SMB fix, the answer is Adobe, which normally times its update cycle to coincide with the OS giant’s monthly schedule.It’s mostly a practical convenience – admins and end-users get all the important cli

Adobe has released a collection of out-of-band software updates that address a total of 41 vulnerabilities in six of its products. Adobe has released a set of out-of-band software updates that address a total of 41 vulnerabilities in six of its products. “Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS.&#

Adobe released out-of-band security updates for After Effects and Media Encoder applications that address two new critical vulnerabilities. Adobe released out-of-band security updates for After Effects and Media Encoder applications that fix two new critical vulnerabilities (CVE-2020-3765, CVE-2020-3764). Adobe After Effects is a digital visual effect

byJohn E DunnWeeks after the world first got wind of it, Microsoft has finally patched the Internet Explorer (IE) zero-day flaw the company said in January was being used in “limited targeted attacks”.The fix is part of the February Patch Tuesday update that features a record 99 security vulnerabilities including 12 marked as ‘critical’ and 87 ‘important’.Th

Adobe February 2020 Patch Tuesday updates address a total of 42 vulnerabilities in five products, dozens of them rated as critical severity. Adobe February 2020 Patch Tuesday updates address a total of 42 vulnerabilities in Framemaker, Acrobat and Reader, Flash Player, Digital Editions and Experience Manager products. Most of the vulnerabilities (21)

byDanny BradburyAdobe patched a total of 82 vulnerabilities across a range of products on Tuesday, including 46 critical bugs.The lion’s share of the patches, which the company flagged on 11 October, came in a single advisory covering Acrobat and Acrobat Reader on the Windows and macOS platforms, extending back to the Classic 2015 versions.There were

More information about BlackOasis APT is available to customers of Kaspersky Intelligence Reporting Service. Contact: intelreports@kaspersky.com Introduction Kaspersky Lab has always worked closely with vendors to protect users. As soon as we find new vulnerabilities we immediately inform the vendor in a responsible manner and provide all the details require

Adobe and Microsoft both on Tuesday released patches to plug critical security vulnerabilities in their products. Microsoft’s patch bundles fix close to 80 separate security problems in various versions of its Windows operating system and related software — including two vulnerabilities that already are being exploited in active attacks. Adobe

The Adobe product security incident response team (PSIRT) accidentally published a private PGP key on its blog, once discovered the issue it quickly revoked it. On Friday, the Adobe PSIRT updated its Pretty Good Privacy (PGP) key and published the new public key on the blog post. The new key should have been valid until September 2018, but something strange

Adobe last week detailed plans to retire its Flash Player software, a cross-platform browser plugin so powerful and so packed with security holes that it has become the favorite target of malware developers. To help eradicate this ubiquitous liability, Adobe is enlisting the help of Apple, Facebook, Google, Microsoft and Mozilla. But don’t break out th

Adobe released new versions of Flash Player and Connect web conferencing software to fix important and critical vulnerabilities. According to the security advisory published by Adobe for Flash Player, the new version 26.0.0.137 patches three critical vulnerabilities, including a remote code execution flaw tracked as CVE-2017-3099 that can be exploited by att

Security is an imperfect art. It’s also an imperfect science. Whether it involves experimenting with certain tweaks or implementing proven standards and prescriptive advice, figuring out how to manage a security program is as complex as navigating any other business function. According to the Pareto Principle, security professionals should focus on the

On Tuesday, Adobe released updates for Flash Player, Shockwave Player, Captivate and Digital Editions addressing a total of 20 vulnerabilities. Some vulnerabilities fixed by Adobe are critical remote code execution issue, the last release, version 26.0.0.126, addressed nine flaws in Flash Player. The vulnerabilities were tracked as CVE-2017-3075, CVE-2017-30

Today’s VERT Alert addresses 18 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins and expects to ship ASPL-716 on Wednesday, March 15th.Ease of Use (published exploits) to Risk TableAutomated ExploitEasyModerateDifficultExtremely DifficultMS17-006MS17-007MS17-008MS17-013MS17-014MS17-017MS17-018 MS17-012No Known Exploi