As promised last year, Adobe has been issuing its scheduled Flash updates on the second Tuesday of each month - the same day that Microsoft chose for its monthly Patch Tuesday.
Day two of the Pwn2Own competition at CanSecWest was again successful for French Vupen security, as they succeeded in exploiting Adobe Flash on Internet Explorer 9 on Windows 7 by chaining together three zero-days (an overflow, a ASLR bypass technique and a IE9 sandbox memory corruption) and earning themselves another $70,000.
With all the Flash Player and Java zero-day vulnerabilities lately getting exploited in attacks, browser vendors are trying to come up with solutions to protect their users without antagonizing them with lengthy hoop-jumping.
As you may already heard, Adobe has pushed out an update for Flash Player that fixes vulnerabilities discovered to be currently exploited in the wild in targeted attacks.
Adobe is urging users to update their Flash Player for the third time this month, as once again the company is aware of vulnerabilities being exploited in the wild in targeted attacks.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.