zero

Adobe will release a fix on Tuesday for a critical hole in Adobe Reader and Acrobat that is being used to attack PCs, the company announced today.

The zero-day vulnerability, which Adobe warned of three weeks ago, could allow an attacker to take control of the affected computer.

Adobe will release updates for Adobe Reader 9.3.4 for Windows, Macintosh, and UNIX; Adobe Acrobat 9.3.4 for Windows and Macintosh; and Adobe Reader 8.2.4 and Acrobat 8.2.4 for Windows and Macintosh to resolve issues in Reader and Acrobat and Flash Player.

Adobe issued an … Read more

How confident are you that your computer is safe from an online attack?

Chances are you rely on vendors like Microsoft and Apple to let you know when a security update is ready to be installed. (Google updates systems automatically.)

But until a patch is released, that hole--known as a zero-day vulnerability--in effect makes your computer a sitting duck for anyone who writes an exploit for it and bothers to distribute it via e-mails and drive-by downloads on Web sites.

EEye Digital Security launched a Web site yesterday that lists current zero-day vulnerabilities and offers an archive on ones that … Read more

Adobe issued a fix today for a critical hole being exploited in Flash Player, at least a week earlier than planned.

The company had warned of the vulnerability a week earlier and said it would release a fix the week of September 27. The critical vulnerability, which could allow an attacker to take control of a computer, affects Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Mac, Linux, Solaris, and Android, according to the advisory.

The hole also affects Adobe Reader 9.3.4 and earlier version for Windows, Mac, and Unix, and Adobe Acrobat 9.… Read more

Adobe Systems on Monday warned of a zero-day hole in Flash Player that reportedly is being exploited in the wild and could allow an attacker to take control of a computer.

The critical vulnerability affects Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Mac, Linux, Solaris, and Android. It also affects Adobe Reader 9.3.4 and earlier version for Windows, Mac, and Unix and Adobe Acrobat 9.3.4 and earlier versions for Windows and Mac. Adobe is not aware of any attacks exploiting the hole against Adobe Reader or Acrobat, the company said in … Read more

Adobe on Wednesday warned of a zero-day hole in Reader and Acrobat that is reportedly being exploited in the wild.

The critical vulnerability is in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh, and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh, according to the security advisory. The hole could allow an attacker to take control of an affected computer and potentially affects millions of computers using the Adobe software, which is the most popular PDF (portable document format) viewer.

The company said it is evaluating the schedule for releasing a … Read more

Drivers in Geneva on Monday set off for a round-the-world rally in solar-powered vehicles to showcase the potential of electric vehicles.

The challenge is see whether the four teams can complete the 80-day trip emissions-free, according to Zero Race organizer Louis Palmer, who drove his own "solar taxi" through 38 countries over 18 months.

The typical look of a solar car is more like that of a spaceship than of a sedan, being only a few feet off the ground, oval-shaped, and covered with solar cells. The two-passenger vehicles in the Zero Race are more familiar, because they … Read more

In October 2006, security researcher H.D. Moore discovered a serious problem with the way applications running on Windows display rich text content.

He reported the vulnerability to Microsoft and nearly four years later it's still not fixed, despite the fact that it could be exploited to run malicious code on a PC and take control of it.

Unfortunately, this is not an isolated incident. According to the Zero Day Initiative, which serves as a broker between security researchers who find flaws and software companies who need to fix them, there are 122 outstanding vulnerabilities that have been reported … Read more

As of Wednesday, software vendors will have a deadline to fix vulnerabilities reported to them by TippingPoint's Zero Day Initiative rather than allowing holes to remain unpatched indefinitely.

Vendors will be required to fix the holes within six months, said Aaron Portnoy, manager of security research at TippingPoint, owned by Hewlett-Packard. TippingPoint runs the Zero Day Initiative, which acts a broker paying researchers for information on vulnerabilities and then providing the information to the vendors so they can fix them.

Extensions to the deadline will be given on a case by case basis, he said. If they don't … Read more

Microsoft issued four security bulletins on Tuesday to fix five holes in Windows and Office, including a critical vulnerability in a Windows Help and Support Center feature that has been targeted by attacks.

The vulnerability in the online help feature, which is delivered with supported editions of Windows XP and Windows Server 2003, could allow an attacker to take control of a computer by luring a computer user to a malicious Web site. The bulletin has a severity rating of "critical" for Windows XP and "low" for Windows Server 2003, according to the advisory.

Microsoft and others criticized … Read more