In this video, courtesy of Kaspersky’s Lab Matters, Ryan Naraine talks with David Lenoe, Head of the Product Security Incident Response Team, Adobe, about that company’s process for responding to security vulnerabilities in its products. Among other things, Lenoe talks about Adobe’s guidelines for issuing an emergency “out of band” patch and some data on the impact of new security features, like Adobe Protected Mode.
A worm called EternalRocks has been spreading seven Windows SMB exploits leaked by the ShadowBrokers, including EternalBlue, which was used to spread WannaCry.
Tools are beginning to emerge that can be used to begin the process of recovering files encrypted by WannaCry on some Windows systems.
VMware fixed two bugs in its VMware Workstation late Thursday night, including an insecure library loading vulnerability and a NULL pointer dereference vulnerability.