SecurityAdvisory
Latest
Adobe's Flash and Acrobat have 'critical' vulnerability, may allow remote hijacking
When Adobe said Flash gives you the full web experience, it meant it. Part and parcel of the web, as we all know, is the good old hacking community, which has been "actively exploiting" a vulnerability in Flash Player 10.0.45.2 (and earlier versions) and Adobe Acrobat and Reader 9.x to overtake people's machines and do hacky stuff with them. This so-called flaw also causes crashes, but that's probably not what's worrying you right now. Adobe says the 10.1 Release Candidate for Flash Player looks to be unaffected, while versions 8.x of Acrobat and Reader are confirmed safe. To remedy the trouble, the company advises moving to the RC for Flash, and deleting authplay.dll to keep your Acrobat from performing undesirable gymnastics. Oh boy, Steve's gonna have a field day with this one.
RIM finds security flaw in BlackBerry Enterprise Server
RIM has issued a security warning to BES admins about a problem with the BlackBerry Attachment Service and PDF files. The flaw apparently allows would-be hackers to execute malicious code with a specially crafted PDF file. The Waterloo messaging behemoth has listed BES versions 4.1 SP 3 through 4.1 SP5, and BlackBerry Unite! as affected and rated the severity as 9 out of a possible 10 -- with 10 being the highest level of fail. Thankfully a workaround is available on RIM's site involving disabling the processing of PDF files until RIM can issue a fix for the misery. Hit the read link for the dirty details.[Via PCWorld]
