Tuesday, June 10, 2014

Adobe Patch Tuesday Security Hole Circus

--

Another Adobe Patch Tuesday, another pile of security holes we didn't know were there all along.

I decided to take another tack in my attack against Adobe's crapware. Below is a rant I posted up on MacUpdate along with my half-star rating of Adobe's Flash Internet plug-in.


~ ~ ~

This is why I hate Flash, this stuff, this constant insecurity STUFF:

"These updates resolve cross-site-scripting vulnerabilities (CVE-2014-0531, CVE-2014-0532, CVE-2014-0533).


"These updates resolve security bypass vulnerabilities (CVE-2014-0534, CVE-2014-0535).


"These updates resolve a memory corruption vulnerability that could result in arbitrary code execution (CVE-2014-0536)."


These are all the security holes patched in this update. This profound patching happens with EVERY update. And we know damned well that there are a hundred+ MORE security holes in this crap code that haven't been patched yet. Could this crap be programmed any WORSE? And Adobe dares defend the use of Flash on the Internet. Shut up Adobe and kill this skanky thing DEAD already! 


Oh and did you know that Adobe incorporates an old, unpatched, security hole riddled, zero-day attack prone version of Flash in their crappy Shockwave Internet plug-in, and that Adobe don't give a rat's about the consequences? IASSOTS Adobe.


ADVICE: Don't install EITHER Flash OR Shockwave if you want to stay safe on the Internet. They're the #2 and #3 MOST dangerous software a Mac user can run, close behind Oracle's crap Java Internet plug-in.

~ ~ ~

I think that gets the point across.

STILL no new Shockwave update. How dare you Adobe? After all the flood of hate from the Internet community about your implementation of Flash in Shockwave you do N O T H I N G ? We got the message. You hate your customers.


Oh and, as per usual, if there are Flash security holes, there are AIR security holes. If you still are forced to use this crapware, be sure to update BOTH.


What DO you care about Adobe? Besides the money?


--




No comments:

Post a Comment