Syber Group
Toll Free : 855-568-TSTG(8784)
Subscribe To : Envelop Twitter Facebook Feed linkedin

Adobe Says No To Android’s Chrome

February 17, 2012 by  
Filed under Internet

Comments Off on Adobe Says No To Android’s Chrome

Chrome for Android will not run Flash Player, the popular software that Apple has famously banned, Adobe confirmed Wednesday.

The acknowledgment was no surprise: Last November, Adobe announced it was abandoning development of Flash for mobile browsers. In other words, Google missed the Flash boat by several months.

“Adobe is no longer developing Flash Player for mobile browsers, and thus Chrome for Android Beta does not support Flash content,” said Bill Howard, a group product manager on the Flash team, in an Adobe blog Tuesday.

The stock Android browser included with the operating system does support Flash, noted Howard.

Adobe explained its decision to halt work on Flash Player for mobile browsers as necessary to shift resources, notably to its efforts on HTML5, the still-developing standard that will ultimately replace many of the functions Flash has offered.

“We will continue to leverage our experience with Flash to accelerate our work with the W3C and WebKit to bring similar capabilities to HTML5 as quickly as possible,” Danny Winokur, the Adobe executive in charge of interactive development, said last year. He was referring to the World Wide Web Consortium standards body and WebKit, the open-source browser engine that powers Chrome and Apple’s Safari. “And we will design new features in Flash for a smooth transition to HTML5 as the standards evolve.”

Analysts read the move as a tacit surrender to the trend, first seen at Apple, to skip support for Flash on smartphones and tablets. In 2010, former Apple Steve Jobs had famously dismissed Flash as unsuitable for mobile devices because it was slow, drained batteries and posed security problems.

Source…

Yahoo Messenger Flaw Exposed

December 10, 2011 by  
Filed under Around The Net

Comments Off on Yahoo Messenger Flaw Exposed

An unpatched Yahoo Messenger vulnerability that allows hackers to change people’s status messages and possibly perform other unauthorized functons can be exploited to spam malicious links to a large number of users.

The flaw was discovered in the wild by security researchers from antivirus vendor BitDefender while investigating a customer’s report about unusual Yahoo Messenger behavior.

The flaw appears to be located in the application’s file transfer API (application programming interface) and allows attackers to send malformed requests that result in the execution of commands without any interaction from victims.

“An attacker can write a script in less than 50 lines of code to malform the message sent via the YIM protocol to the attacker,” said Bogdan Botezatu, an e-threats analysis & communication specialist at BitDefender.

“Status changing appears to be only one of the things the attacker can abuse. We’re currently investigating what other things they may achieve,” he added.

Victims are unlikely to realize that their status messages have changed and if they use version 11.5 of Yahoo Messenger, which supports tabbed conversations, they might not even spot the rogue requests, Botezatu said.

This vulnerability can be leveraged by attackers to earn money through affiliate marketing schemes by driving traffic to certain websites or to spam malicious links that point to drive-by download pages.

Source….

Adobe Patches Security Holes in Flash

September 28, 2011 by  
Filed under Computing

Comments Off on Adobe Patches Security Holes in Flash

Adobe has released a security update for Flash Player in order to address several critical vulnerabilities, including one that is being exploited in the wild.

The Flash Player 10.3.183.10 for Windows, Mac and Linux, and Flash Player 10.3.186.7 for Android, contain patches for six security flaws.

One of them is a cross-site scripting (XSS) weakness that can be exploited to execute rogue actions on behalf of web sites or webmail providers if victims click on maliciously-crafted links.

“There are reports that this issue is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message,” Adobe warns in its security advisory.

XSS vulnerabilities are the result of improper user input validation and allow attackers to execute rogue code in the context of the current web site. For example, they can be leveraged to extract session cookies or load rogue forms into legitimate pages, which makes for very credible phishing attacks.

Adobe credits Google for reporting this cross-site scripting vulnerability, which is identified as CVE-2011-2444. This means it might have been detected in attacks against Gmail users.

Two other patched vulnerabilities allow for arbitrary code execution and are located in the AVM stack. One of them can also lead to a denial of service condition. Two remote code execution logic errors and a Flash Player security control bypass have also been addressed.

Users should deploy the new update as soon as possible because browser plug-ins like Java, Adobe Reader or Flash Player are amongst the most attacked pieces of software one can have on a computer. However, unlike Adobe Reader X (10.0) which features sandboxing technology, Flash Player doesn’t have any anti-exploitation mechanism built-in.

Read More……

Flash Player 11 Launched With 3D Gaming

September 26, 2011 by  
Filed under Computing

Comments Off on Flash Player 11 Launched With 3D Gaming

Adobe Systems announced Flash Player 11 and Adobe Air 3 software Wednesday to assist developers in building more sophisticated applications with dozens of new features across smartphones and tablets as well as desktop computers.

The releases are Adobe’s biggest in two years, and will be available free of charge in early October, said Anup Murarka, Adobe’s director of product marketing. The related tools, Flash Builder and Flex, will support new features in Flash Player 11 and Adobe Air 3 by the end of the year.

The releases will enable delivery of 2D and 3D games over the Internet to various devices, Murarka said. Developers of enterprise applications will also find the 3D capabilities popular for data-centric apps. Enterprises, for example, will be able to build application dashboards to “visualize complex data sets” with 3D images, he said.

Developers will also be able to use the tools to more deeply integrate business software like Excel and Outlook in devices and to access hardware programming interfaces for functions such as Near-Field Communication being used more widely in smartphones, Murarka said.

The new versions will also help developers build more secure applications with the ability to leverage cryptographically secure random number generation, he said.

Read More…..