The current zero-day attacks against Adobe Flash Player are not quite zero-day after all. According to new information, Adobe’s security response team knew about the vulnerability since December 31, 2008 (see image below) but it was misdiagnosed as a “data loss corruption” issue.
When word of the attacks surfaced this week, Adobe quickly locked access to the bug ticket with a note that it was “reclassified as a security bug.” Read the full story [zdnet.com]
The current zero-day attacks against Adobe Flash Player are not quite zero-day after all. According to new information, Adobe’s security response team knew about the vulnerability since December 31, 2008 (see image below) but it was misdiagnosed as a “data loss corruption” issue.
When word of the attacks surfaced this week, Adobe quickly locked access to the bug ticket with a note that it was “reclassified as a security bug.” Read the full story [zdnet.com]
Adobe fixed three critical-severity flaws in Adobe Prelude, Adobe Experience Manager and Adobe Lightroom.
The critical-severity Adobe Acrobat and Reader vulnerabilities could enable arbitrary code execution and are part of a 14-CVE patch update.
The out-of-band patches follow a lighter-than-usual Patch Tuesday update earlier this month.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
