Adobe Flash and Acrobat Reader are so ingrained into our every day online experiences that, from a technical management perspective, it is well worth keeping up to date with security bulletins and advisories issued by the company.

Some of the latest bulletins include:

• A critical vulnerability in Flash Player version 10.0.42.34 which could be affected in such a way that it could allow unauthorised cross-domain requests. This is a potentially big issue as one of the advantages of Flash Player is its sandbox nature. Fortunately, a minor version upgrade is available (for Adobe Air version 1.5.3.1920 too) to take care of this particular issue.
• A number of critical security issues (including the Flash problem mentioned above) impacting Adobe Reader version 9.3 and 8.2 have recently been addresses in a recently released update to the application.

Bulletins and Advisories are categorised by one of four Severity levels: Critical, Important, Moderate and Low generally indicating their difficulty to exploit

Adobe also have a regularly updated blog, operated by the Product Security Incident Response Team, which has a handy feed – there isn’t as much detailed information as there used to be but it still offers a useful heads up – especially if you prefer to get your information using a feed reader.

Links and More Information

• See the latest Security Bulletins and Advisories from Adobe.
• See the latest posts from the Adobe Product Security Incident Response Team (PSIRT) blog.
• For more urgent notifications sign up for the Adobe Security Notification Service – regularly delivered by email.