As promised last year, Adobe has been issuing its scheduled Flash updates on the second Tuesday of each month - the same day that Microsoft chose for its monthly Patch Tuesday.
Day two of the Pwn2Own competition at CanSecWest was again successful for French Vupen security, as they succeeded in exploiting Adobe Flash on Internet Explorer 9 on Windows 7 by chaining together three zero-days (an overflow, a ASLR bypass technique and a IE9 sandbox memory corruption) and earning themselves another $70,000.
With all the Flash Player and Java zero-day vulnerabilities lately getting exploited in attacks, browser vendors are trying to come up with solutions to protect their users without antagonizing them with lengthy hoop-jumping.
As you may already heard, Adobe has pushed out an update for Flash Player that fixes vulnerabilities discovered to be currently exploited in the wild in targeted attacks.
Adobe is urging users to update their Flash Player for the third time this month, as once again the company is aware of vulnerabilities being exploited in the wild in targeted attacks.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.