Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Posts Tagged ‘adobe’
July 17th, 2015

Patches from Adobe, Oracle, and Microsoft released

Avast Software Updater helps you apply software updates.

Earlier this week, we told our readers about the three Flash Player zero-day vulnerabilities that were found in stolen files that were leaked from the Hacking Team. We advised Avast users to disable Flash until the bugs are fixed.

It doesn’t look good for Flash. Because of the continuing security problems facing the 20-year old platform, Google and Mozilla each announced this week that their Web browsers will eventually be dropping default support for Adobe Flash, and Facebook’s new security chief wants to kill Flash. For now you can still use it, but the reports of it’s death are not greatly exaggerated…

Read more…

July 13th, 2015

Adobe Flash zero-day vulnerabilities threaten your security

Last Friday, Adobe confirmed two new “critical” zero-day flaws in the Adobe Flash Player browser plugin 18.0.0.204 – and earlier versions – for Windows, Mac OS X, and Linux. Today, a third flaw was found. Adobe Flash Player is a widely distributed multimedia and application player used to enhance the user experience when visiting web pages or reading email messages.

We recommend disabling Flash until the bugs are fixed. 

Three "critical" zero-day flaws in Adobe Flash Player discovered

Three “critical” Flash zero-day flaws in Adobe Flash Player discovered

Security experts say the two flaws were found in stolen files that were dumped earlier this month from Hacking Team, an Italian security firm that sells communication interception and surveillance software to governments around the world. The third one came from the same documents.

“Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system,” Adobe said in their blog. “Depending on the privileges associated with the user account targeted, an attacker could install programs on the system, alter or delete data, create new accounts with similar user rights, or cause a denial-of-service.”

Read more…

October 14th, 2014

Adobe gathers data from your eBook reader

Image from http://www.quickmeme.com

Security and privacy violations in Adobe’s Digital Editions eBook and PDF reader were discovered last week.

“This is a privacy and security breach so big that I am still trying to wrap my head around the technical aspects, much less the legal aspects,” researcher Nate Hoffelder wrote in The Digital Reader blog post.

If you check out eBooks from your local library and read from a digital reader like a Nook, Kobo, or other non-Amazon eBook reader, then you have probably used Adobe’s free Digital Editions software.

Hoffelder said that Adobe is gathering user data on the eBooks that have been opened, which pages were read, and in what order, as well as metadata such as title and publisher –and all of it is being sent to Adobe’s servers in plain text. That means anyone who is interested and has the means, say, the National Security Agency or your ISP, could be reading over your shoulder. That’s not good. In fact, it’s very bad, as well as illegal.

It is hoped that Adobe’s Tuesday update will include a plug for the Digital Editions leak, but more likely it will be next week. In a statement to the American Library Association, Adobe reports they “expect an update to be available no later than the week of October 20” in terms of transmission of reader data.”

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

October 13th, 2014

Big updates coming from Microsoft, Oracle and Adobe this Tuesday

Patch Tuesday Oct 2014

Pour yourself a cup of coffee; this could take a while.

One of the biggest “Patch Tuesday” fixes is happening October 14, when vital updates will be available from three companies at the same time.

We are all used to the monthly Patch Tuesdays from Microsoft and Adobe, but this month the quarterly updates from Oracle, the parent of problem child Java SE, coincide, making it a pretty big day for securing your system. Avast experts agree that one of the most important steps you can take to securing your data and devices is to make sure that you keep your software up-to-date.

Microsoft

Microsoft leads off the normal Patch Tuesday with the release of 9 security updates across products including a critical patch of Internet Explorer, all supported versions of Windows, and the .NET development framework.

Oracle

Oracle’s Critical Patch Update is a collection of patches for multiple security vulnerabilities. It contains 155 new security fixes across hundreds of Oracle products; 25 of them for Oracle Java SE. Oracle warns that “these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password. “ That’s not good, if you were wondering.

“I would suggest removing Java if possible or at least turning it off in all your browsers,”  advises Jiri Sejtko, director of AVAST Virus Lab operations. Here are removal instructions for the most popular browsers: How do I disable Java in my browser?

Adobe

It is hoped that Adobe’s Tuesday update will include a plug for the big Digital Editions e-book and PDF reader hole, but more likely it will be next week. In a statement to the American Library Association, Adobe reports they “expect an update to be available no later than the week of October 20” in terms of transmission of reader data.

Tuesday’s patch will probably include a fix for bugs in Adobe Flash Player.

avast! Software Updater shows you an overview of all your outdated software applications, so you can keep them up to date and eliminate any security vulnerabilities.  All avast! security products inform you whenever any of your 3rd party applications are out-of-date and you can apply updates manually by clicking the ‘Fix now’ button next to each conflicting application. avast! Premier can be configured to perform these updates automatically.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

December 6th, 2013

Ignoring update warnings makes you a sitting duck for malware

We all see the reminders to update Adobe Reader, Adobe Flash, and Java frequently. There is good reason not to put this task off: The trusted researchers at AV-TEST Institute found that 66 percent of affected Windows systems are victims of malware that took advantage of exploits found in Reader, Flash, and Java.

During the 10-year study, they found that Adobe Reader has nearly 37,000 recorded variants that exploit user machines with “high levels of precision.” Java gets the top spot for exploit attacks with a whopping 82,000 attack variations available against the multiple versions of software on 3 billion devices worldwide.

The top 10 list of the most frequently infected file types from AV-TEST.

The top 10 list of the most frequently infected file types from AV-TEST.

 

Can I just stop using Java or Flash?

Not really. Surfing the web without Java and/or JavaScript is virtually impossible given that practically every website uses it in some way to display images, videos, and interactive content. Currently, there are no direct alternatives to Java or Flash for browsers. There are several alternatives to Adobe Reader which display PDFs on your system. You can see what AV-TEST recommends in their report.

Does avast! Antivirus provide protection?

Read more…

Categories: General Tags: , , , ,