This update covers vulnerabilities numbered CVE-2014-0498, CVE-2014-0499 and CVE-2014-0502 if you care to look them up. The last one is known to have been exploited in the wild and the other two are being patched as a precautionary measure. Adobe’s next update isn’t due until April.
In all fairness, it’s not just Adobe who frustrates me; any software company who puts out a product full of holes is responsible. The current production model:
- Slap together a product
- Run superficial testing
- Release to the public (and hackers) for real-world testing
- Fix the vulnerabilities they should have caught in the lab
This just doesn’t work anymore if, in fact, it ever did.
C’mon, people. ALL of you get your acts together.