In this video, courtesy of Kaspersky’s Lab Matters, Ryan Naraine talks with David Lenoe, Head of the Product Security Incident Response Team, Adobe, about that company’s process for responding to security vulnerabilities in its products. Among other things, Lenoe talks about Adobe’s guidelines for issuing an emergency “out of band” patch and some data on the impact of new security features, like Adobe Protected Mode.
Google engineers have spent the last several years moving many of the company’s online services
Dennis Fisher and Mike Mimoso discuss the Windows HTTP.sys vulnerability, Google’s decision to turn off the NPAPI in Chrome and the voting machine security disaster in Virginia.
Public denial-of-service exploits for a critical vulnerability in Microsoft’s implementation of the HTTP protocol stack, HTTP.sys are under way, while remote code execution attacks may still be to come.