In this video, courtesy of Kaspersky’s Lab Matters, Ryan Naraine talks with David Lenoe, Head of the Product Security Incident Response Team, Adobe, about that company’s process for responding to security vulnerabilities in its products. Among other things, Lenoe talks about Adobe’s guidelines for issuing an emergency “out of band” patch and some data on the impact of new security features, like Adobe Protected Mode.
The maintainers of the Drupal content management system are warning users that any site owners who haven’t patched a critical vulnerability in Drupal Core disclosed earlier this month should consider their sites to be compromised.
The website of Popular Science magazine was found infecting users with malware via the RIG exploit kit.
Microsoft is planning to disable support for the weak SSLv3 protocol in Internet Explorer at some undetermined point in the future.