Products & Services

Technology
Dragon Platform
Learn about Zero Trust Architecture

Endpoint Security
Advanced Endpoint Protection
Impenetrable cybersecurity without sacrificing usability

EDR
Gain detailed visibility into all your endpoints activities

SecureBox Application Containerization
Harden applications and hardware environments

Security services
Managed Detection and Response
Immediate and continuous response to incidents

Global Threat Intelligence
Close the window of time your data could be exposed

Customer Success Operations
Get your Comodo solutions setup, deployed or optimized

Advanced Penetration Testing

Network Security
Secure Internet Gateway
Control access to malicious websites

Secure Web Gateway
Defend from any internet based threats

Secure Email Gateway
Stop email threats before it enters your inbox

Data Loss Prevention
Preserve and protect your sensitive data

Website Security
Website Security Internet Products Website Malware Scanner
Keep your website running fast and malware free

DIGITAL CERTIFICATION
TLS / SSL Certificates
Add encryption to your websites

Certificate Manager
Automated certificate mgmt. platform

Private CA
Secure private intranet environments

Code Signing
Digital signature solutions for cloud apps

S/MIME Certificates
Encrypt emails for senders and recipients

Website Scanning
Stay compliant with PCI DSS

Internet of Things
Trusted authentication for IoT devices
SSL Certificates

DIGITAL CERTIFICATION

TLS / SSL Certificates
Add encryption to your websites

Certificate Manager
Automated certificate mgmt. platform

Private CA
Secure private intranet environments

Code Signing
Digital signature solutions for cloud apps

S/MIME Certificates
Encrypt emails for senders and recipients

Website Scanning
Stay compliant with PCI DSS

Internet of Things
Trusted authentication for IoT devices

COMODO CERTIFICATE AUTHORITY BRAND ACQUIRED BY FRANCISCO PARTNERS
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
continue to sectigo.com
Partners
Company

About us
Our Leadership
Meet the people behind the direction for Comodo

Get to know us
Newsroom
Get the latest news about Comodo

Join the Cybersecurity Team
People are the key to achievement and prosperity

Webinars
Stay up to date with our on-demand webinars

Tradeshows & Events

Discuss cybersecurity
Contact us
Worldwide: Sales, Support and General Inquiries

Request Demo
Schedule a live demonstration of our solutions

Emergency Incident Response
Need immediate help? Call 1-888-551-1531
For Home

Security
Antivirus Software
Instantly removes viruses to keep your PC virus free

Mobile Security
Experience true mobile security on your mobile apple devices

Internet Security

Web browsers
Internet Browser
Secure Internet Browser based on Chrome

Browser add-ons & extensions
Security Plugins
Chrome browser internet security extension
Resources

Resources

Customer Success Stories

Webinars On-Demand

Documentation Guides

Blog

KNOWLEDGE BASE

Support Center
Submit a ticket to our support team

Report Vulnerabilities
Share any product bugs or security flaws

Comodo-Academia
Collaborate with research experts on data sets

Valkyrie Plugins
Valkyrie Threat Intelligence Plugins

Valkyrie APIs
Valkyrie Threat Intelligence APIs
My Account
Dragon Platform (US)Dragon Platform (EU)
Cyber Security Blog
Request a Demo
Contact Support
Contact Sales: 1-888-551-1531
START FREE TRIAL

Author Picture Placeholder

Kevin Judge

04.09.2014

10 years ago

it security
pc security

(1 votes, 5.00 / 5)

Loading...

Adobe Patches Critical Flash Flaws

Reading Time: 1 minute

Adobe released a security update today that deals with several critical faults in Flash player and AIR on Windows, Mac and Linux that could allow for third party code execution and disclose private information.

Four critical security vulnerabilities were highlighted in this update by Adobe:

A use-after-free vulnerability that could result in arbitrary code execution (CVE-2014-0506).
This vulnerability was demonstrated it during the Pwn2Own hacking competition in March by researchers at the French security firm Vupen. Pwn2Own awards cash prizes to researchers who demonstrate previously unknown software vulnerabilities.At Pwn2Own, Vupen also identified a critical vulnerability in Adobe Reader that was not addressed in this release and remains a potential threat.

A buffer overflow vulnerability that could result in arbitrary code execution (CVE-2014-0507)

A security bypass vulnerability that could lead to information disclosure (CVE-2014-0508)

A cross-site-scripting vulnerability (CVE-2014-0509)

Adobe stated that they have no knowledge of exploits “in the wild” that actually take advantage of the vulnerabilities.

Google Chrome, Internet Explorer 10 and Internet Explorer 11 installations will be automatically updated with this update.

Apple release support documentation alerting users older versions of Adobe Flash Player to the vulnerabilities and urging them to apply the update.

Adobe Flash animation is used widely in web site design and in web site advertisements. In recent years, hackers have used flaws in Flash to spread malware and execute nefarious scripts and code.

Open Source Inventory Management

START FREE TRIAL GET YOUR INSTANT SECURITY SCORECARD FOR FREE

Stay in the loop

Sign up to our cyber security newsletter

GET YOUR SECURITY SCORECARD FOR FREE

See how your organization scores against cybersecurity threats

SEE YOUR SECURITY SCORES