January marked by Java, Flash vulnerabilities
Newly-disclosed vulnerabilities in Flash and Java were the ones to watch out for this winter, according to a new report by Copenhagen-based security firm Secunia.
“Adobe Flash came out really hard at the beginning of the year with two zero-days reported and patched,” said Kasper Lindgaard, Secunia’s director of research and security. “That’s a good or a bad start depending on the eye of the beholder.”
According to the Secunia report, which covered the months of November, December, and January, a zero-day vulnerability in a widely-used application is a particular challenge for enterprises, since it can be extremely difficult to remove it from everywhere its used in an organization.