Important security updates for critical vulnerabilities in Adobe Illustrator CS4 (14.0.0) and Adobe Illustrator CS3 (13.0.3 and earlier versions) have been released by Adobe for Windows and Mac OS X.
The software maker said the vulnerabilities could lead to remote code execution by a hacker and advised users to update their systems using the patches provided.
Adobe also announced they will release important security updates for Adobe Reader and Adobe Acrobat on 12 January to resolve a critical vulnerability that is being exploited.
The versions requiring a security patch are Adobe Reader 9.2 and Acrobat 9.2 and Adobe Reader 8.1.7 and Acrobat 8.1.7 for Windows and Macintosh and Adobe Reader 9.2 for Unix.
The company has warned that these vulnerabilities could be used to execute code on affected computers or cause systems to crash and they have released a separate security advisory on what steps system administrators can take to mitigate against exploitation of the vulnerabilities until the patch is made available.
Adobe has been criticised for taking so long to recognise the vulnerability and release the update. Reportedly, exploits have been around for nearly two months.
The company has also been criticised for releasing the updates on the same day as Microsoft’s patch.

Share on Facebook

Category: Software News | 0 Comments |

Industry experts say cloud computing and virtualization are set to be the biggest areas of development in security during 2010.

Increasing collaboration between suppliers is expected by businesses as cloud and virtualization technologies bring in a new way of thinking about and doing security.

Virtualising client devises that allow organizations to manage computer equipment more efficiently will bring a surge of interest. This will lead to the creation of “dual use” devices for work and home, according to Graham Titterington, principal analyst at Ovum.

Built-in security will enable faster virtualization and cloud adoption, but organizations must think security before any implementations, said Eric Domage, research analyst at IDC.

Peter Sommer, professor of security at the London School of Economics warned that businesses should watch out that the costs of authentication and confidentiality do not outweigh the benefits.

Cloud assurance levels for cloud services will be a hot topic and enterprises will have the opportunity to take the lead in this process, however, the future of IT security budgets is unclear. While IDC expects organizations to unfreeze and even restore budgets, others foresee continued cuts and constraints.

Regulation and compliance promises to be another important security consideration in 2010, but organizations should be wary of compliance at the expense of security.

Joshua coman, research director at the 451 Group said: “We now fear the auditor more than the attacker, but a myopic focus on compliance frameworks is dangerous.”

Share on Facebook

Category: Software News | 0 Comments |