Mozilla fixed three critical vulnerabilities and made Flash click-to-activate by default when it released Firefox 55 on Tuesday

Adobe’s first scheduled patch release of 2017 includes updates for Flash Player, Reader and Acrobat.

Adobe again released a security update for Flash Player, patching nine remote code execution vulnerabilities. Adobe Connect for Windows was also updated.

Microsoft extended the end of life deadline on EMET to July 2018, but experts say its usefulness as a mitigation toolkit has been limited for some time.

Several vulnerabilities in Ubuntu’s implementation of the Linux kernel, including a use-after-free vulnerability and a timing side-channel vulnerability, were patched today. An advisory issued by Ubuntu Wednesday morning urges users to patch if they’re running 14.04 LTS or any derivative builds. The update fixes a use-after-free vulnerability in the kernel’s CXGB3 driver that an attacker could...

Despite calls to eliminate Adobe Flash Player, researchers inside and outside the vendor continue to invest in and build mitigations against modern attacks. As recently as three weeks ago, Adobe announced it had rewritten its memory manager, laying the groundwork for widespread heap isolation, which is an important protection against use-after-free vulnerability exploits. Today, however,...