Archive for January, 2010

Security Bulletin – ColdFusion

A Security Bulletin was posted today providing a solution to an important security issue in ColdFusion.
This posting is provided “AS IS” with no warranties and confers no rights.

Security Bulletin – Adobe Shockwave Player

A Security Bulletin was posted today addressing critical security issues in Adobe Shockwave Player.
This posting is provided “AS IS” with no warranties and confers no rights.

Security update released for Adobe Reader and Acrobat

Today a Security Bulletin has been posted in regards to the January 12, 2010 quarterly security update for Adobe Reader and Acrobat. The update addresses critical security issues in the products, including a patch to resolve CVE-2009-4324 previously discussed in the Adobe PSIRT blog on December 15, 2009 (“Security Advisory APSA09-07 update“). Adobe recommends that users apply the updates for their product installations. Please note that support has ended for Adobe Reader 7.x and Acrobat 7.x for Windows, Macintosh and UNIX, and Adobe Reader 8.x for UNIX.
For more information on other security enhancements included in this update, please refer to the Adobe Reader blog.

This posting is provided “AS IS” with no warranties and confers no rights.

Microsoft Security Advisory (979267)

Microsoft Windows XP redistributes an earlier version of Adobe Flash Player (version 6) that is no longer supported. Adobe discontinued support for Adobe Flash Player 6 in 2006. As always, Adobe recommends that users follow security best practices by updating to the latest, most secure version of Adobe Flash Player (currently version 10.0.42.34), which is available for download from the Adobe Flash Player Download Center. (See also Microsoft Security Advisory 979267 on this topic.)
This posting is provided “AS IS” with no warranties and confers no rights.

Security Bulletin – Adobe Illustrator CS4 and Adobe Illustrator CS3

A Security Bulletin has been posted in regards to the Adobe Illustrator issue last discussed in the Adobe PSIRT blog on December 7, 2009 (“Security Advisory for Adobe Illustrator CS4 and Adobe Illustrator CS3“, CVE-2009-4195). Adobe recommends Adobe Illustrator CS4 and Adobe Illustrator CS3 customers update their installations in line with security best practices.
This posting is provided “AS IS” with no warranties and confers no rights.

Pre-Notification – Quarterly Security Update for Adobe Reader and Acrobat

A Security Advisory has been posted in regards to the upcoming Adobe Reader and Acrobat updates scheduled for January 12, 2010. The updates will address critical security issues in the products, including a critical vulnerability in Adobe Reader and Acrobat 9.2 and earlier (CVE-2009-4324), as described in a separate PSIRT blog last posted on December 15, 2009. This quarterly security update will be made available for Windows, Macintosh and UNIX.
We will continue to provide updates on the upcoming release via the Security Advisory section of the Adobe web site, as well as the Adobe PSIRT blog.
This posting is provided “AS IS” with no warranties and confers no rights.