IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Adobe patches two critical flaws

Shockwave and RoboHelp flaws are covered by Adobe in a busy week for patching.

Security

Adobe has issued two patches for critical vulnerabilities affecting its Shockwave Player software and RoboHelp for Word authoring product.

Two bulletins were issued on Tuesday, one of them addressing nine security flaws most of them memory corruption vulnerabilities - in Shockwave version 11.6.3.633 and earlier versions on Windows and Mac OS.

"These vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system," Adobe said in its advisory.

These vulnerabilities could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code.

There was just one vulnerability - CVE-2012-0765 in RoboHelp, affecting Windows users only.

"A specially crafted URL could be used to create a cross-site scripting attack on Web-based output generated using RoboHelp for Word," Adobe warned in a separate advisory.

"Adobe recommends users update their product installation."

Microsoft yesterday issued its Patch Tuesday release for February, covering 21 vulnerabilities, including a critical update to Internet Explorer.

The patches came on the same day security company Secunia slammed the software industry for not doing enough to promote patching and ease the burden for IT managers.

Secunia's annual patch report found none of the top 20 software providers, including tech giants like Apple, Microsoft and Google, were able to cut the number of flaws in their products over the past five years.

"Vendors in general should improve their communication to customers and the patch distribution mechanism (for consumers that would imply auto updating)," said Thomas Kristensen, chief security officer at Secunia.

Featured Resources

Big data for finance

How to leverage big data analytics and AI in the finance sector

Free Download

Ten critical factors for cloud analytics success

Cloud-native, intelligent, and automated data management strategies to accelerate time to value and ROI

Free Download

Remove barriers and reconnect with your customers

The $260 billion dollar friction problem businesses don't know they have

Free Download

The future of work is already here. Now’s the time to secure it.

Robust security to protect and enable your business

Free Download

Recommended

Adobe forced to patch its own failed security update
bugs

Adobe forced to patch its own failed security update

18 Feb 2022
Ten ways to protect your company from the next big data breach
data breaches

Ten ways to protect your company from the next big data breach

18 Feb 2022
Gumtree site code made personal data of users and sellers publicly accessible
data protection

Gumtree site code made personal data of users and sellers publicly accessible

16 Dec 2021
Pizza chain exposed 100,000 employees' Social Security numbers
data breaches

Pizza chain exposed 100,000 employees' Social Security numbers

19 Nov 2021

Most Popular

How to secure your hybrid workforce
Advertisement Feature

How to secure your hybrid workforce

23 Sep 2022
What your hybrid workforce needs from their laptops
Advertisement Feature

What your hybrid workforce needs from their laptops

21 Sep 2022
Why collaboration is key to digital transformation
Sponsored

Why collaboration is key to digital transformation

13 Sep 2022