26 Sep

PCMag – Google Patches Flash Zero Day Bug, Jumps the Gun on Adobe Again

Google has developed a bad habit with respect to patching vulnerabilities in the integrated version of Adobe Flash in their Chrome for Windows browser: They release and announce the updates before Adobe does. They have done it several times in the last year or so and today they did it again. "The Beta and Stable channels have been updated to 14.0.835.186 for Windows, Mac, Linux, and Chrome Frame."

This creates a situation in which Adobe has a zero day bug with increased severity. It’s likely that they aren’t ready to release their own patches, yet 3rd parties could look at the Chrome update and potentially examine it in order to determine what it is patching. From that they could construct an exploit.

via PCMag – Google Patches Flash Zero Day Bug, Jumps the Gun on Adobe Again. The bad habit isn’t Google patching security holes it’s Adobe not patching them first.