Adobe Systems and Oracle joined Microsoft in releasing security updates, fixing a total of 62 vulnerabilities between the two of them.
wasn't the only company to issue
April 13. Oracle and Adobe Systems pushed out updates to
their products as well.
47 security holes
in a massive update, the company's second of the year.
Sixteen of the Oracle vulnerabilities are tied to the Oracle Solaris (formerly
under Sun Microsystems) product suite. Eight of those 16 are remotely
exploitable without user authentication.
also fixed eight bugs in its e-business suite portfolio, seven
, one flaw in the Oracle Collaboration suite and
five security fixes for Oracle Fusion Middleware. In addition, the update included
patches for four bugs in Oracle PeopleSoft and JD Edwards EnterpriseOne Suite
and six fixes for vulnerabilities in the Oracle Industry Applications Suite.
meanwhile, fixed 15
in Adobe Reader and Acrobat and went forward with its plans
for its new updater technology. The feature, explained Adobe Director of
Product Security and Privacy Brad Arkin, will help protect users by ensuring
they are running the most current versions of Adobe software.
users who ever encountered a security problem using Adobe products were
attacked via a known vulnerability that was patched in more recent versions of
the software," he
. "The new updater technology was designed to address part of this
the new updater
, Windows users will be able to set Adobe Reader and Acrobat
to automatically download updates without any user interaction. Qualys CTO
Wolfgang Kandek said the feature should help slash the half-life-the time it
takes to cut the occurrence of a vulnerability by half-for many users.
overall half-life for Adobe Reader is slightly over 60 days, compared to just
under 30 days for all software, and under 15 days for core operating system
software," he said. "The silent updater will have a positive effect on updates
for Adobe. We see much better update performance on Adobe Reader v9 than for
the mix of v9/8 and v7 and attribute that to the existing updater in v9. I
would expect the silent updater to further increase this gap."