You know, I expect some crappy software from Adobe from a security perspective. That much I have come to expect. But, to allegedly not give credit for 400 vulnerabilities to a researcher and roll out the fixes for them is somewhat unconscionable.
From H-Online:
Officially, Adobe’s current update for Flash Player has closed only 13 holes, but unofficially it is said to have closed several hundred. Security specialist Tavis Ormandy, who works for Google, claims that he discovered 400 holes and notified Adobe of them. The specialist has now complained that, while the holes have been closed, they haven’t been mentioned in the official advisory, and he hasn’t been given credit for their discovery.
Shame on Adobe is this is the case.
(Image used under CC from heyrocker)