- Connected Car: Start Thinking Security
- Rockwell Fixes Parser Buffer Overflow
- Oil and Gas Security ‘Not Keeping Pace’
- Ground Control Maker Stays SHARP
- Parsons Reapproved for OSHA Safety Program
- Worker Dies in Manufacturing Incident
- ARC: Open, Secure Systems Moving Forward
- ARC: Take ‘Crown Jewels’ Offline
Chemical Safety Incidents
Adobe Fixes Connect Hole
Tuesday, May 31, 2016 @ 04:05 PM gHale
Adobe released a patch last week for its Connect web conferencing software.
The fix takes care of some two dozen functionality bugs and one security flaw.
The vulnerability, tracked as CVE-2016-4118, affects Adobe Connect 9.5.2 and earlier for Windows. The flaw has a priority rating of 3 because Connect is a product attackers do not usually target.
The vulnerability is an untrusted search path issue affecting the Connect add-in installer. Attackers exploit the vulnerability to launch DLL loading attacks.
Adobe fixed the hole with the release of Adobe Connect 9.5.3. Adobe advises administrators to install the update at their discretion.