Russian based security company Group-IB announced a new zero day vulnerability in Adobe Reader 10 and 11.
Adobe unveiled Adobe Acrobat XI software with cloud services, a new solution that features newly integrated cloud services, including Web contracting with Adobe EchoSign and forms creation, data collection and analysis with Adobe FormsCentral.
Adobe has confirmed that one of their build servers that has access to the Adobe code signing infrastructure has been compromised, allowing attackers to digitally sign two malicious utilities with a valid Adobe code signing certificate.
Users who have downloaded and are using the "Release To Manufacturing" version of Windows 8 or the 90-day trial version of Windows 8 Enterprise should be aware that the Adobe Flash Player version integrated in Internet Explorer 10 hasn't been automatically updated by Microsoft and makes them vulnerable to code execution attacks due to four separate security flaws.
Documenting more than a year of research in XML technologies, this talk by Nicolas Grégoire at Hack in The Box 2012 Amsterdam details security implications of the XML format and its processing practices.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.