Your one-stop web resource providing safety and security information to manufacturers

Not only does Microsoft enjoy Patch Tuesday, but so does Adobe as the company released security updates for its Flash Player and Shockwave Player products as well as hotfixes for ColdFusion.

The security updates close critical vulnerabilities. Of the hotfixes for ColdFusion, one rated as “Critical,” while the other “important.”

Adobe Fills Hole in Flash, AIR
Adobe in Patch Mode
PDF Hole Used in APT Attacks
Reader PDF Tracking Bug

The patches for Flash Player fix security holes that allowed potential attackers to trigger crashes and take control of affected systems. Windows and Mac users should update to version 11.8.800.94. An update to version is available for Linux. The versions of Flash Player for Google Chrome (11.8.800.97) and for Internet Explorer 10 (11.8.800.94) should update automatically. Recent Android 4.x systems can become current by updating to Older versions of Android such as 3.x and 2.x should update to version of Flash Player.

The security hole in Adobe’s Shockwave also enables attackers to execute malicious code on a system. Windows and Mac OS X users can fix their players by updating to version

Cyber Security

Two hotfixed vulnerabilities were in Adobe’s ColdFusion. In ColdFusion 10 for Windows, Mac OS X and Linux, security hole CVE-2013-3350 enables attackers to “invoke public methods on ColdFusion Components using WebSockets.” Security hole CVE-2013-3349 in ColdFusion versions 9.0, 9.0.1 and 9.0.2 that run on JRun could trigger Denial-of-Service (DoS) scenarios. This hole doesn’t affect ColdFusion 10.

Pin It on Pinterest

Share This