(get it in RSS or Atom)

Patch Tuesday wrap-up, September 2014 - why even a single-bit data leak is worth fixing


Here's what you need to know about the September 2014 Patch Tuesday updates from Microsoft and Adobe...

Patch Tuesday wrap-up, August 2014: RCE + ASLR bypass + EoP == patch early, patch all!


Patch Tuesday is here again.

Paul Ducklin explains how this month's vulnerabilities can work together for harm, and why *all* the updates matter, not just the ones that ended up with a "critical" or "severe" tag...

Adobe breach THIRTEEN times worse than thought, 38 million users affected


Adobe originally estimated that the breach affected around 2.9 million users. As it turns out the number is actually 38 million, with the information taken including Adobe IDs, encrypted passwords, customer names, encrypted debit and credit card numbers, expiry dates and customer order details.

Adobe's first update since the Big Breach - RoboHelp, Acrobat and Reader get patches


Adobe's Patch Tuesday fixes are out.

This is business as usual, promised long in advance and expected toay, so there isn't anything in it related to the company's recent network intrusion woes. (We hope!)

Adobe has Patch Tuesdays, too - a reader reminds us!


Naked Security reader Haemish Edgerton just gave us a very polite but effective scolding for neglecting to mention the Adobe fixes that came out on Tuesday.

Point taken, so here's a table of what Adobe updated, and how to see what versions you should now be on.

That was quick! Adobe's emergency patch for Reader and Acrobat is here...


Adobe has released the emergency update for Reader and Acrobat that it promised late last week.

You may as well take advantage of Adobe's new-found velocity and get busy patching!

No patch yet for Adobe PDF exploits - Adobe suggests a workaround; Mac and Linux users need not apply

No patch yet for Adobe PDF exploits - Adobe suggests a workaround, but Mac users need not apply

Adobe issues advice on how to mitigate the latest exploits against its PDF Reader software.

For Windows users, anyway. Mac and Linux fans are still out in the cold.

Adobe investigates PDF Reader zero-day vulnerability reports

Adobe investigates PDF Reader zero-day vulnerability reports

Adobe's security team has said that it is investigating reports of a brand new zero-day vulnerability affecting its Adobe Reader and Acrobat XI (11.0.1) products.

Always be wary of opening unsolicited PDF files!

Patch Tuesday - what to know and what to do for Microsoft and Adobe users

Patch Tuesday - what to know and what to do for Microsoft and Adobe users

Both Adobe and Microsoft published Patch Tuesday updates this week.

There are plenty of issues to be concerned about - so we've written up our recommendations to help you prioritise your own patching...

Patch Tuesday April 2012 - Critical updates for Windows, Office and Adobe Reader

Patch Tuesday for October 2012

Microsoft released six patches for eleven vulnerabilities today for Windows, Office, SQL and other products. Adobe also updated their Reader app to fix four vulnerabilities that can be exploited by malicious PDF files.

How NOT to redact a PDF - Military radar secrets spilled

How NOT to redact a PDF - Air defence radar secrets spilled

The UK Ministry of Defence has been caught out again by a schoolboy error - not knowing how to properly redact a PDF.

As we've explained before, if you're an organisation that is making public an internal document, you best make sure that you have deleted or blacked out any personal, confidential or actionable information.

Patch Tuesday part two - Adobe patches Reader, Flash and more

adobe logo

Adobe's Patch Tuesday quarterly release is out and fixes many critical vulnerabilities. Time to patch Reader, Acrobat, Shockwave, Flash, ColdFusion, LifeCycle and Blaze...

How NOT to redact a PDF - Nuclear submarine secrets spilled

How NOT to redact a PDF - Nuclear submarine secrets spilled

A silly error leaves egg on the face of the British military - but have you learnt the lessons of how to properly redact a PDF?

Who ordered spam? New trick in PDF malware uncovered

Who ordered spam? New trick in PDF malware uncovered

SophosLabs researcher Paul Baccas takes a close look at a PDF malware campaign.

Adobe issues critical zero-day patch for Reader and Acrobat

adobe logo

Adobe have just released an out-of-cycle patch to address a critical vulnerability (CVE-2011-0609) in Adobe Reader and Acrobat for Windows and Mac. Naked Security recommends that all users update now.

Patch Tuesday for February 2011 - Adobe and Microsoft


Microsoft released 12 fixes as part of their monthly Patch Tuesday and Adobe released critical fixes for Flash Player, Shockwave Player and Adobe Reader/Acrobat. Read on to find out why you should update now!

PDF security under the microscope: A review of OMG-WTF-PDF


SophosLabs researcher Paul Baccas takes a close look at a PDF security research paper written by FireEye's Julia Wolf.

Confused by Adobe? There's a security update in there somewhere!


If you've been following Adobe news this week, you're probably as confused as I am.

The big news is that Adobe Acrobat X is out. But what else do you need to know?

Critical zero-day vulnerability found in Adobe Flash, Reader, Acrobat

Adobe products suffer from critical vulnerabilities

Adobe Flash, Reader and Acrobat are vulnerable to security holes that could allow malicious hackers to take control over your computer.

Mammoth security patch rushed out for Adobe Acrobat and Reader

Adobe logo

Adobe has issued a security bulletin urging users of its Adobe PDF Reader and Acrobat products to update their software before hackers take advantage of at least 23 vulnerabilities in the software. In a clear sign of the seriousness posed Read more…