Adobe To Push Emergency Fix For Flash Bug - Slashdot

Slashdot

Adobe To Push Emergency Fix For Flash Bug 78

Posted by samzenpus on Wednesday November 03, 2010 @01:29PM
from the hurry-up dept.

Trailrunner7 writes "Adobe has moved up the release date for the patch for the critical bug in Adobe Flash Player revealed last week, and now plans to have an emergency fix ready on Thursday. The company still plans to patch Reader two weeks from now. The vulnerability in Flash also exists in Reader and researchers said last week that attackers had already begun exploiting the bug in Reader by the time that Adobe acknowledged the problem and published an advisory. At the time of the initial advisory, Adobe officials said they planned to release a patch for Flash on Nov. 9 and for Reader on Nov. 15."

This discussion has been archived. No new comments can be posted.

Adobe To Push Emergency Fix For Flash Bug

Search 78 Comments Log In/Create an Account

Comments Filter:

Re:I have a question (Score:3, Insightful)

by llung (1841162) writes: on Wednesday November 03, 2010 @01:51PM (#34114552)

And that testing is only as good as what it does test for. Really good QA is tough stuff and unfortunately, that level of expertise is often undervalued. Adobe has been pushing out lots of updates as of late. Good that they're doing it; bad that it's so often.

Parent Share
twitter facebook linkedin
Re:Don't care... (Score:5, Insightful)

by FranTaylor (164577) writes: on Wednesday November 03, 2010 @01:53PM (#34114594)

You are fucking stupid to have flash installed on any machine with ANY information in it.
Yes those computers with no information stored in them would be much safer, if they could exist.

Parent Share
twitter facebook linkedin
Re:I have a question (Score:2, Insightful)

by MichaelKristopeit132 (1934228) writes: on Wednesday November 03, 2010 @01:53PM (#34114596)

there would be no software at all....

Parent Share
twitter facebook linkedin
Third party plugins & apps (Score:3, Insightful)

by savvysteve (1915898) writes: on Wednesday November 03, 2010 @02:14PM (#34114834)

In my experience outdated third party plugins like flash, reader and even java seem to be the way a lot of the attacks are happening lately. I watched a fake antivirus load to my PC after it somehow launch adobe reader about a year ago. An outbreak of fake antiviurses on machines revealed the same outdated version of java loaded on those machines. Sadly the end users affected normally were pretty good about their surfing habits even though the job required a lot of research work. It isn't just windows updates to worry about anymore.

Share
twitter facebook linkedin
Re:I have a question (Score:5, Insightful)

by rgviza (1303161) writes: on Wednesday November 03, 2010 @03:09PM (#34115558)

These are not the droids you're looking for.

On a serious note, why badmouth IT people just because adobe's products are broken?

Personally I'd be simply dumping flash and pdfs, at the proxy/email servers, til adobe fixes their software. Send out note to entire company: Due to extreme security risk in adobe's products we must block flash and pdf content in web pages and email until further notice.

It's against policy (written or unwritten) in a lot of shops to deploy beta software to users so intermediate patching wouldn't be kosher in a lot of places. It'd likely get you fired in a significant number of shops, especially in government, financial and medical industries where compliance with federal information security regulations is important.

It's usually not a preference for the IT "droid". At the beginning of my career (I'm a software engineer now), we just did what we were told to do by the boss after we informed him of a problem. I'm pretty sure it still works the same way, at least if you want to stay employed. I was actually in the software patching automation group. We deployed what we were told to. We could care less what it was we were shipping out as long as the package worked.

If we were handed an adobe update on tuesday, then another one on thursday, no one would have cared one iota that it was for the same product. We'd just push it out.

Parent Share
twitter facebook linkedin
Re:flash update (Score:3, Insightful)

by zonky (1153039) writes: on Wednesday November 03, 2010 @03:39PM (#34115960)

What makes you think reader 8 is any better, security rise? It's just unsupported.

Parent Share
twitter facebook linkedin
Amen (Score:3, Insightful)

by ThatsNotPudding (1045640) writes: on Thursday November 04, 2010 @07:36AM (#34122746)

How is this even legal, given they are security updates? Plus, we now have to seek out the more obscure 'clean' update to prevent the Adobe Download Manager (DLM) from infecting our browsers. Adobe is really starting to feel like a virus.

Parent Share
twitter facebook linkedin

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

802 commentsJudge Orders Child Porn Suspect To Decrypt His Hard Drives
377 commentsWhy Everyone Gets It Wrong About BYOD
334 commentsLast Forking Warning For Bitcoin
209 comments450 Million Lines of Code Can't Be Wrong: How Open Source Stacks Up
203 commentsIranian Hackers Probe US Infrastructure Targets

The sooner you fall behind, the more time you have to catch up.