Patch/Configuration Management, Vulnerability Management

Adobe Patch Tuesday: Flash Player receives updates for seven critical flaws

May 9, 2017

Adobe addressed seven critical flaws for Flash Player along with a single issue with Adobe Experience Manager that is rated as an important issue to be resolved.

Six of the Flash Player vulnerabilities noted by Adobe (CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3072, CVE-2017-3073 and CVE-2017-3074) resolve memory corruption vulnerabilities that could lead to code execution, according to the company. The seventh, CVE-2017-3071, resolves a use-after-free vulnerability that could lead to code execution.

The updates are for those Windows, Macintosh, Linux and the Chrome operating systems.

The lone vulnerability for Adobe Experience Manager, CVE-2017-3067, affects the Windows, Linux, Solaris and AIX platforms and resolves an information disclosure issue resulting from abuse of the pre-population service in AEM Forms, Adobe reported.

Doug Olenick

Vulnerability Management

Apple patches TCC bypass vulnerability

SC StaffDecember 19, 2024

The vulnerability, tracked as CVE-2024-44131, was discovered in the FileProvider component and has been fixed in iOS 18, iPadOS 18, and macOS Sequoia 15 through improved validation of symbolic links.

concept of leaky software, data with a tap sticking out.3d illustration

Data Security

Misconfiguration exposes Virtavo security cam user data

SC StaffDecember 18, 2024

Over 8.7 million records, many of which are duplicates, were discovered within the server, including user phone numbers, network information, device identifiers, performance metrics, and other personal details, according to Cybernews researchers.