Adobe admitted over the weekend that its popular Flash Player continues to suffer from a crash bug that the company has known about since September 2008. Emily Huang, a product manager, said Saturday in a blog post that the company didn't repair the flaw in Flash Player 10, which shipped soon after it learned about the bug, because of timing. However, the issue, which is not considered a security vulnerability, should have been addressed in subsequent, interim updates. The unresolved bug is expected to be repaired when Flash 10.1 is released this year. "It slipped through the cracks, and it is not something we take lightly," Huang said of the oversight. — DK
Legislation seeking to address open source software risks in government has been introduced by Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, according to The Record, a news site by cybersecurity firm Recorded Future.