Internet And Security Tools

Apple has released a new version of QuickTime (the 7.6.4), that solves four problems of security in their Windows and OS X.Two of the vulnerabilities affect the processing of H.264 encoding, so that an attacker could eventually lead to remote execution of arbitrary code if a user viewing a maliciously encoded movie on this standard. The other two vulnerabilities, which affect the FlashPix format and MPEG-4, also could allow remote execution of arbitrary code when viewing files in those formats. The update can be installed via the automatic update feature (Software Update) Apple, or depending on version and platform, downloaded directly from: Here

Adobe falls squarely within the world of solving security updates scheduled in this cycle no fewer than 29 security problems in its most popular software: readers and publishers of Adobe Reader and Acrobat PDF. It rivals Microsoft, which has been resolved in this cycle also 34 failures.

System administrators must walk still busy trying to upgrade their Microsoft and Adobe products. Adobe issued a statement in May by promising to improve its security policy. Basically, he said would improve the development code focusing on security, which would improve the incident response process, and would schedule regular updates for its products. In particular, every three months, the second Tuesday of each month. With a questionable approach, coincide with the days of renovation years ago chose Microsoft.

These promises inevitably recall the Trustworthy Computing that Microsoft had to implement in early 2002 (through a statement from Bill Gates himself) to try to address the continued suffering setbacks in security. It launched the Strategic Technology Protection Program (STPP) that later would bear fruit in projects that have been proven effective as Windows Software Update Services, Microsoft Operations Manager, the periodic update policy, systems fortified "by default", etc. . Still worse would come in 2003 with Blaster, but that already belongs to the prehistory, and Microsoft's efforts began to yield results years later.

Adobe has just released one of its first upgrade cycles with no fewer than 29 vulnerabilities addressed. Among them the one being used by attackers for weeks, and that allowed execution of arbitrary code through specially crafted PDF file. Microsoft corrected the same day 34, but in a much wider range of products.

Adobe begins to improve its security, seven years later than Microsoft (which still is adapting and assuming) ... In fact, as you begin to know Adobe as "the new Microsoft", inheriting their logistical problems in improving security and having to redesign its strategy (if perhaps too late), and acting re actively instead of having learned from other manufacturers. Now that Adobe is serious about security, we hope not necessary for so many years, as it is costing Microsoft, implement the results, since the world of malware is not the same as in 2002, and the consequences of problems security today are far more serious.