One day after Oracle released a massive security update, which included fixes for a number of Java vulnerabilities, Apple shipped its own update for Java for Mac OS X.
Adobe has advanced its sandbox technologies in the latest Reader and Acrobat editions to deter against data theft. It's also added a number of other security features.
The latest flaw affecting Java SE could allow an attacker to take over machines through a complete security sandbox bypass. But, so far, there have been no reports of active exploits.
One of the most prolific Chrome researchers has netted Google's top prize in its inaugural Pwnium competition. Google promptly patched the bug.
Adobe has added a beta sandbox feature to its Flash Player running in the Mozilla Firefox browser, the company announced Monday
Along with the release of its latest platform, OS X Lion, Apple this week issued a new version of its Safari web browser, closing dozens of security flaws.
Adobe and Google have partnered to allow Flash to run with sandboxing technology in the Chrome browser, the two companies announced Wednesday. "This first iteration of Chrome's Flash Player sandbox for all [supported] Windows platforms uses a modified version of Chrome's existing sandbox technology that protects certain sensitive resources from being accessed by malicious code, while allowing applications to use less sensitive ones," read a post on The Chromium Blog. The release initially is available to Chrome developer channel users. In November, Adobe released its latest Reader version, X, which includes sandboxing that forces operations that display PDF files to the user to be run inside a confined environment. - DK
Sign up to our newsletters
SC Magazine Articles
- CISO salaries and demand for cyber-skills skyrockets, surprising no-one
- Skype targeted by T9000 backdoor trojan
- Student SSNs exposed in University of Central Florida breach
- Malwarebytes says sorry for multiple AV bugs, still unpatched
- Ransomware and POS attackers to zero in on small businesses, retailers
- Obama goes hard on cybersecurity, new CNAP commits funds, resources
- NSA reorg could strengthen defense ops
- Pro-Palestine hacktivist makes good on threat, posts data on FBI and DHS personnel
- Microsoft's February Patch Tuesday: 13 bulletins addressing 36 vulnerabilities
- Draft Investigatory Powers Bill draws fire from Parliamentary committee