One day after Oracle released a massive security update, which included fixes for a number of Java vulnerabilities, Apple shipped its own update for Java for Mac OS X.
Adobe has advanced its sandbox technologies in the latest Reader and Acrobat editions to deter against data theft. It's also added a number of other security features.
The latest flaw affecting Java SE could allow an attacker to take over machines through a complete security sandbox bypass. But, so far, there have been no reports of active exploits.
One of the most prolific Chrome researchers has netted Google's top prize in its inaugural Pwnium competition. Google promptly patched the bug.
Adobe has added a beta sandbox feature to its Flash Player running in the Mozilla Firefox browser, the company announced Monday
Along with the release of its latest platform, OS X Lion, Apple this week issued a new version of its Safari web browser, closing dozens of security flaws.
Adobe and Google have partnered to allow Flash to run with sandboxing technology in the Chrome browser, the two companies announced Wednesday. "This first iteration of Chrome's Flash Player sandbox for all [supported] Windows platforms uses a modified version of Chrome's existing sandbox technology that protects certain sensitive resources from being accessed by malicious code, while allowing applications to use less sensitive ones," read a post on The Chromium Blog. The release initially is available to Chrome developer channel users. In November, Adobe released its latest Reader version, X, which includes sandboxing that forces operations that display PDF files to the user to be run inside a confined environment. - DK
Sign up to our newsletters
SC Magazine Articles
- Nearly 90 percent of Android devices vulnerable to endless reboot bug
- Women in IT Security: 10 Power Players
- Scanner identifies thousands of malicious Android apps on Google Play, other markets
- Report: Phishing costs average organization $3.7 million per year
- Women in IT Security: Women of influence
- Malware attacks hit Match.com UK site
- Anonymous group launches phase of cyber-attacks against IS
- ReverbNation notifies users of breach, recommends changing passwords
- Chinese Android smartphones now shipping with pre-installed malware
- Indiana State Police cite agricultural terrorism to deny stingray data request