For the second time this week, Adobe Systems has released a set of critical vulnerability patches.
An Adobe (NASDAQ: ADBE) spokesperson told InternetNews.com that the vendor released six critical patches for Flash Player 9 on Thursday and eight patches for five-month-old vulnerabilities in Adobe Reader and Acrobat 8.1.3 on Tuesday.
Vulnerabilities in Adobe applications are particularly dangerous because they are widely used on the Web, Chris Wysopal, chief technology officer at application security analysis vendor Veracode told InternetNews.com.
Enterprises, which are slow to upgrade, will be hardest hit by these bugs, which target older versions of the Adobe applications, Wysopal said.
RELATED ARTICLES
Adobe's Latest Flash Now Includes 3D Video
Yahoo Tightens HotJobs After Hackers Hit
Adobe Sites Hit by Malware
The latest versions of Adobe Reader and Acrobat are Version 9; and Adobe released Flash Player 10 in October.
The vulnerabilities in Adobe's applications are all JavaScript bugs. Wysopal said that any application that interprets JavaScript, which Adobe applications do, has a lot of vulnerabilities.
JavaScript has a global object that experts say is the root cause of cross site scripting attacks. Together with SQL injection attacks, it comprises about 60 percent of all Web site attacks.
Other applications, such as browsers, also have JavaScript vulnerabilities, but Adobe is coming under attack because it is a convenient target. Wysopal said hackers are turning their attention to applications from Adobe and other vendors using JavaScript because their traditional targets, browsers, have been hardened over the years.
LATEST NEWS
Blair Levin Calls for Citizen Participation
Bing Brings Twitter Into the Mix
CSC Teams With Microsoft on Cloud Services
FCC Gets to Work on Mapping Out Broadband Plan
Linux Vendors Head to the Cloud in Search of Cash"The vulnerabilities have always been there, it's just that hackers are now starting to scrutinize other client applications that interpret JavaScript and they're finding them," he added.
The popularity of Adobe's applications make it an even more desirable target. "Flash could be the most popular software in the world because it's a multiplatform application, and attackers go for large populations so they can hit the most machines," Wysopal said.







Digg
Del.icio.us
furl
StumbleUpon
Facebook
Tailrank
Technorati
Google Bookmarks
Yahoo Favorites
Windows Live
Ask
More stories by this author
