Day two of the Pwn2Own competition at CanSecWest was again successful for French Vupen security, as they succeeded in exploiting Adobe Flash on Internet Explorer 9 on Windows 7 by chaining together three zero-days (an overflow, a ASLR bypass technique and a IE9 sandbox memory corruption) and earning themselves another...

Adobe on Wednesday patched six vulnerabilities in Flash Player, including one it admitted is already being exploited by attackers.That vulnerability, identified as CVE-2011-2444, shares some traits with an earlier Flash flaw that was used to target Gmail accounts in June.Adobe labeled CVE-2011-2444 as a cross-site scripting...

Adobe has announced the next version of its Flash Player, repositioning its media platform for a mobile world where it is being increasingly shunned.The company today unveiled the Flash Player 11 and the Flash-based runtime AIR 3, with a heavy emphasis on 3D gaming both in the features and in a roll-call of customers endorsing...