Slashdot Mirror

← Back to Stories (view on slashdot.org)

Adobe To Push Emergency Fix For Flash Bug

Posted by samzenpus on from the hurry-up dept.

Trailrunner7 writes "Adobe has moved up the release date for the patch for the critical bug in Adobe Flash Player revealed last week, and now plans to have an emergency fix ready on Thursday. The company still plans to patch Reader two weeks from now. The vulnerability in Flash also exists in Reader and researchers said last week that attackers had already begun exploiting the bug in Reader by the time that Adobe acknowledged the problem and published an advisory. At the time of the initial advisory, Adobe officials said they planned to release a patch for Flash on Nov. 9 and for Reader on Nov. 15."

6 of 78 comments (clear)

  1. Contradiction of terms by Andy+Smith · · Score: 5, Funny

    "revealed last week"
    "emergency fix"
    "Thursday"

    1. Re:Contradiction of terms by MrEricSir · · Score: 4, Funny

      "Hello, 911, what's your emergency?"
      "I'm having a heart attack! Aaah, hurry!"
      "Okay, we can have someone over there by Thursday."
      "UUUGGGGYHH *thud*"

      --
      There's no -1 for "I don't get it."
  2. Re:Don't care... by FranTaylor · · Score: 4, Insightful

    You are fucking stupid to have flash installed on any machine with ANY information in it.

    Yes those computers with no information stored in them would be much safer, if they could exist.

  3. Flash forces McAfee on you by bubblegoose · · Score: 4, Informative

    The Flash updater annoyed me the last time I ran it. The last update I applied snuck some Mcafee software on to my machine.

    The flash updater now has the checkbox checked by default for mcafee security scan plus, and they moved the checkbox so you don't notice it when you are glancing at the installer.

    --
    I hope that someday we will be able to put away our fears and prejudices and just laugh at people. - Jack Handey
  4. Re:I have a question by Swanktastic · · Score: 4, Funny

    It's well known that North Korea publishes the most secure Hello World program in the world.

  5. Re:I have a question by rgviza · · Score: 4, Insightful

    These are not the droids you're looking for.

    On a serious note, why badmouth IT people just because adobe's products are broken?

    Personally I'd be simply dumping flash and pdfs, at the proxy/email servers, til adobe fixes their software. Send out note to entire company: Due to extreme security risk in adobe's products we must block flash and pdf content in web pages and email until further notice.

    It's against policy (written or unwritten) in a lot of shops to deploy beta software to users so intermediate patching wouldn't be kosher in a lot of places. It'd likely get you fired in a significant number of shops, especially in government, financial and medical industries where compliance with federal information security regulations is important.

    It's usually not a preference for the IT "droid". At the beginning of my career (I'm a software engineer now), we just did what we were told to do by the boss after we informed him of a problem. I'm pretty sure it still works the same way, at least if you want to stay employed. I was actually in the software patching automation group. We deployed what we were told to. We could care less what it was we were shipping out as long as the package worked.

    If we were handed an adobe update on tuesday, then another one on thursday, no one would have cared one iota that it was for the same product. We'd just push it out.

    --
    Don't kid yourself. It's the size of the regexp AND how you use it that counts.