Get up-to-the-minute news and opinions, plus access to a wide assortment of IT security resources that will keep you current and informed.

Keep me logged in Forgot your password?

Please wait...

Please wait...

 PDF

Adobe Reader attacks continue two years after patch

February 23, 2012

JavaScript-based attacks taking advantage of an Adobe Reader and Acrobat vulnerability patched in 2010 are continuing in waves, Symantec researchers said this week.
 

Adobe patches Reader bugs, releases new JavaScript feature

January 10, 2012

Adobe joined Microsoft with software updates on Tuesday for Reader and Acrobat. In addition, the PDF software company released a new capability that allows JavaScript to run based on document trust.
 

Out-of-band fix for Adobe Reader security issue coming Friday

December 15, 2011

An out-of-cycle patch is coming to fix a flaw in Adobe Reader and Acrobat 9 for Windows.
 

Lockheed Martin hit, but not breached, with Adobe zero-day

December 08, 2011

Defense contractors appear to be the prime target of sophisticated malware that attempts to take advantage of an unpatched flaw in Adobe Reader and Acrobat software.
 

Adobe to issue emergency fix for Reader security bug

December 06, 2011

Adobe warned Tuesday of an unpatched vulnerability in its Reader and Acrobat software after catching wind of active exploits by cybercriminals.
 

Mac trojan spreads under guise of PDF document

September 23, 2011

Malware writers are borrowing a page from the Windows attack handbook with the latest Mac OS X threat.
 

Microsoft, Adobe release scheduled security patches

September 13, 2011

Microsoft released five important bulletins addressing 15 flaws, along with an update revoking six more DigiNotar certificates, while Adobe issued critical updates for Reader and Acrobat.
 

Microsoft, Adobe announce forthcoming patches

September 08, 2011

Microsoft is readying five "important" security bulletins for Windows and Office, while Adobe plans to release critical updates for Reader and Acrobat.
 

Apple delivers iOS patch for jailbreak flaw

July 15, 2011

Apple on Friday issued an update for its iOS mobile operating system, addressing a security flaw being used to jailbreak iPad, iPhone and iPod Touch devices.
 

Adobe fixes Reader, Acrobat issues early

April 21, 2011

Adobe has sped up the planned release of updates to its Reader and Acrobat software, good news for customers now that reports of public exploits have emerged. The updates, released Thursday but not expected until next week, shore up two critical vulnerabilities, one of which has been leveraged in in-the-wild attacks, according to a revised bulletin. Reader X for Mac and Acrobat X for Windows and Mac received updates, as did Reader/Acrobat 9.4.3 for Windows and Mac. Reader X for Windows won't receive a new version until June 14, a scheduled quarterly update, because the "Protected Mode" capability prevents against exploit. The flaw being used in attacks also was present in Flash Player, but that software was patched last week.
 

Adobe to fix zero-day Flash vulnerability this week

April 14, 2011

Adobe is set to release an emergency update on Friday to its Flash Player for Windows, Mac, Linux and Solaris, shoring up a zero-day vulnerability disclosed earlier this week. Users of Flash for Google Chrome will receive the update on Thursday via the browser's auto-update mechanism. Attackers are actively exploiting the flaw under the guise of a legitimate Microsoft Word document, Adobe has warned. The company expects to provide an update no later than the week of April 25 for Adobe Acrobat X and earlier for Windows and Mac, Adobe Reader X for Mac and Adobe Reader 9.4.3 and earlier for Windows and Mac. Adobe Reader X for Windows is expected to be updated with the next quarterly release, scheduled for June 14.
 

Adobe advises of Flash flaw exploited via Excel docs

March 14, 2011

Adobe on Monday warned of a "critical" zero-day vulnerability in Flash Player that attackers currently are exploiting through Microsoft Excel files.
 

Unwitting accomplices and complicit security teams

Anup Ghosh, founder and chief scientist, Invincea February 25, 2011

End-users may be the weakest link, but technology exists to take security out of their hands.
 

Adobe issues slew of patches for its software

February 09, 2011

Adobe on Tuesday released its quarterly security update, fixing dozens of vulnerabilities, including 29 flaws in its popular PDF viewing software Reader and Acrobat and 13 in Flash Player.
 

Adobe to release Reader, Acrobat updates

February 04, 2011

Adobe next week plans to release updates for its Reader and Acrobat software to fix critical security issues, the company said in a notification security advisory issued Thursday. Updates will be available for Reader and Acrobat X (10.0) for Windows and Mac; Acrobat 9.4.1 and earlier versions for Windows and Mac and Reader 9.4.1. and earlier versions for Windows, Mac and Unix. Updates for Windows and Mac are scheduled to be released on Tuesday, while Unix users will have to wait until Feb. 28 for a fix. - AM
 

Adobe X released with new sandboxing feature

November 19, 2010

Adobe X, the latest version of Adobe Reader, was released on Thursday and includes a new security feature designed to mitigate attacks against the popular PDF software. The new capability, called "Protected Mode," will force operations that display PDF files to the user to be run inside a confined environment, known as a sandbox, in which certain functions are prohibited. The functionality will help prevent attackers from writing files or installing malware on a victim's computer, Brad Arkin, senior director of product security and privacy at Adobe, wrote in a blog post Thursday. The capability is similar to technologies used in the Google Chrome web browser and Microsoft Office 2010, Arkin said. - AM
 

Adobe to issue emergency updates for Reader, Acrobat

November 15, 2010

Adobe this week plans to issue an emergency security update for Adobe Reader and Acrobat to fix a number of critical flaws, including a zero-day vulnerability that is being exploited in the wild.
 

Adobe investigating DoS "issue" in Reader

November 05, 2010

Adobe is investigating a "potential issue" in Reader that could permit the launch of denial-of-service attacks against affected computers, the company said Thursday.
 

Adobe reveals new flaw affecting Flash and Reader

October 28, 2010

A "critical" zero-day vulnerability affecting Adobe Flash Player, Reader and Acrobat is being exploited in the wild, Adobe warned on Thursday.
 

Microsoft warns of "unprecedented" Java exploitation

October 18, 2010

The number of attacks on vulnerable Java code spiked during the third quarter of the year and have reached "unprecedented" levels, a Microsoft malware expert said on Monday.
 

Adobe X to include new sandboxing security feature

October 18, 2010

The next major version of Adobe Reader, Adobe X, slated to be released next month, will include a new security feature designed to mitigate attacks against the popular PDF software, Adobe announced on Monday. The new capability, called "Protected Mode," will force all operations that display PDF files to the user to be run inside a highly confined environment, known as a sandbox, in which certain functions are prohibited. The new functionality will help prevent attackers from being able to write files, change registry keys or install malware on an individual's computer, Adobe has said. Malicious code inside PDF files will be contained inside the Reader sandbox, instead of being installed on a user's system. — AM
 

New Reader, Acrobat from Adobe fixed for 23 flaws

October 05, 2010

Adobe on Tuesday released updated versions of its flagship Reader and Acrobat products to close a whopping 23 vulnerabilities, including two publicly known issues.
 

Adobe Reader, Acrobat patches coming Tuesday

September 30, 2010

Adobe on Tuesday plans to release updates to its widely deployed Reader and Acrobat software to address a number of flaws, including a pair of known issues, the company announced Thursday.
 

Adobe updates Flash Player to address critical flaw

September 20, 2010

Adobe issued a security update to address a "critical" vulnerability in Adobe Flash Player that could allow an attacker to take control of a targeted system.
 

Adobe discloses Flash bug, moves up Reader fixes

September 13, 2010

Adobe on Monday revealed a "critical" vulnerability in Flash Player that can be used by an attacker to take control of a targeted system. The flaw affects Flash versions 10.1.82.76 and earlier for Windows, Macintosh, Linux, Solaris and Android, according to an advisory. The same bug also impacts Adobe Reader 9.3.4 for Windows, Mac and Linux and Acrobat 9.3.4 for Windows and Mac. Adobe is not aware of any public exploits, although there have been reports of them. A fix is scheduled for Sept. 27. Also on Monday, Adobe announced it plans to fast-track its planned quarterly Reader and Acrobat patches by one week, to the week of Oct. 4. The decision comes days after Adobe disclosed a dangerous zero-day vulnerability that is being leveraged in active attacks. — DK
 

Adobe grapples with new Reader, Acrobat zero-day

September 08, 2010

Adobe on Wednesday confirmed a dangerous Reader and Acrobat vulnerability, which is being exploited in the wild.
 

IBM report shows new flaws skyrocket in first half of year

August 25, 2010

IBM X-Force's mid-year threat report examined trends in vulnerability disclosures, techniques used to foist malware and risks to virtual environments, plus much more.
 

Adobe issues emergency patch for Reader, Acrobat

August 19, 2010

Adobe on Thursday issued an emergency fix for Reader and Acrobat to address a "critical flaw," first disclosed at the Black Hat conference in Las Vegas, that could allow an attacker to compromise a user's system.
 

Adobe plans emergency fix for Reader, Acrobat

August 05, 2010

Adobe plans to release an out-of-cycle patch next week for a "critical" PDF flaw disclosed at last week's Black Hat conference, the company announced Thursday. The update to Reader 9.3.3 for Windows, Macintosh and UNIX and Acrobat 9.3.3 for Windows and Mac is expected to fix a number of vulnerabilities, including one revealed by researcher Charlie Miller at last week's show. That flaw, caused by an integer overflow error in the way the PDF viewer parses fonts, could lead to memory corruption or code execution. Adobe was considering releasing the fix during its normal quarterly cycle in October, but decided otherwise, even though there are no reported exploits. — DK
 

Attackers likely to pounce on iOS flaws as Apple readies fix

August 05, 2010

Researchers are warning that attackers soon will exploit iOS vulnerabilities for malicious purposes.
 
Popular Topics
4G-war Advanced Persistent Threat Adware AMTSO Anonymous Botnets Cyber Attacks Cyber Crime Data Breach Data Breaches Encryption Hackers Hacktivism Health Care IT Security Java Malware Mobile Devices Phishing Risk Management Social Security Numbers Stolen Information Survey Trojans Vulnerabilities & Flaws