Adobe has released Adobe AIR 3.7.0.1860 to address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, CVE-2013-3335).

Adobe recommends users update their product installations to Adobe AIR 3.7.0.1860. More information in APSB13-14.

Adobe has released Adobe Flash Player 11.7.700.202 to address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, CVE-2013-3335).

Adobe recommends users update their product installations to Adobe Flash Player 11.7.700.202. More information in APSB13-14.

Apple released iTunes 11.0.3.42, for both Windows x86 as well as Windows x64.

This release solves issues where an attacker in a privileged network position may manipulate HTTPS server certificates, leading to the disclosure of sensitive information. Because of a certificate validation issue in iTunes, in certain contexts an active network attacker could present untrusted certificates to iTunes and they would be accepted without warning. This issue was resolved by improved certificate validation.

This release also solves the issue where a man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution.

Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.

For information on the security content of this update, please visit HT1222 and HT5766.

iTunes 11.0's new features:

• Completely Redesigned. iTunes makes it more fun to explore and enjoy your music, movies, and TV shows. You'll love the beautiful edge-to-edge design, custom designs for each album, movie, or TV show in your library, and getting personal recommendations any time you click In the Store.
• A New Store. The iTunes Store has been completely redesigned and now features a clean look that makes it simpler than ever to see what's hot and discover new favorites.
• Play purchases from iCloud. Your music, movie, and TV show purchases in iCloud now appear inside your library. Just sign-in with your Apple ID to see them. Double-click to play them directly from iCloud or download a copy you can sync to a device or play while offline.
• Up Next. It's now simple to see which songs are playing next, all from a single place. Just click the Up Next icon in the center display and they'll instantly appear. You can even reorder, add, or skip songs whenever you like.
• New MiniPlayer. You can now do a whole lot more with a lot less space. In addition to showing what's playing, MiniPlayer now includes album art, adds Up Next, and makes it easy to search for something new to play—all from a smaller and more elegant design.
• Improved search. It's never been easier to find what you're looking for in iTunes. Just type in the search field and you'll instantly see results from across your entire library. Select any result and iTunes takes you right to it.
• Playback syncing. iCloud now remembers your place in a movie or TV show for you. Whenever you play the same movie or episode from your iPhone, iPad, iPod touch, or Apple TV, it will continue right where you left off.

Google has created a MSI installer package to deploy Google Chrome in the enterprise. Google has created an MSI installer that enables businesses who use standard deployment tools to install Chrome for all their managed users.

Foxit released Foxit Enterprise Reader 6.0, which is designed to meet the PDF viewing needs of enterprise and government organizations. Among the many new features, Enterprise Reader 6.0 allows organizations to standardize on a proven PDF creation solution enterprise-wide, allowing everyone to create their own PDF documents.

Major New Features and Enhancements Foxit Enterprise Reader 6.0 Provides for Better PDF Reading Experience:

• FREE PDF Creation allows users to quickly and easily create industry standard PDF files.
  With one-click, create from Microsoft® Word, PowerPoint, and Excel through the Foxit Reader plug-in. High performance PDF conversion from hundreds of file types by:
  • Dragging and dropping the document into Foxit Reader
  • Using the Foxit Reader create From File capability
  • Right mouse clicking on the file
  • Convert hardcopy documents into PDF with the create From Scanner functionality.
  • Extend any application with print capabilities to include PDF conversion through the included Foxit Reader PDF Printer (PDF print driver).
  • Cut and paste content via the Windows clipboard into a new PDF by using the From Clipboard feature.
• Ribbon-Based Toolbar
• New user interface with a ribbon-based toolbar based on Microsoft Office 2013 (Office 15) design is more intuitive and provides users with a familiar user experience.
• Read and Search PDF Portfolios
  Open and read PDF portfolios and perform searches either within a single PDF file or across all the PDF files in the portfolio.
• Create and Insert Stamps
  Allows users to create and insert stamps into their PDF documents and forms, by selecting from a choice of pre-made stamps or creating static custom stamps.
• PDF Sign
  Allows users to sign documents with their own handwriting. Signatures can be created from an image of your signature or by writing it yourself on touch enabled desktop systems or tablets. Users can quickly and easily manage, place, and apply these signatures.
• Plug-in Manager
  Adds plug-in Manager showing a list of installed plug-ins and their details.
• Comments Summary
  Supports sorting comments by checkmark status, setting current properties of any comment as default, and deleting comment by batch. Plus, note comments can now be printed.
• Booklet Printing
  Allows users to print multipage PDFs in booklet format.
• Run Script Right Control
  Supports to control the right of running Scripts for better PDF protection.
• Whitelist Trusted URLs for Form Submission
  Enables users to create and maintain a whitelist of the trusted URLs when submitting form online.

An MSI package has been made available since Foxit Reader 4.x, but you will have to register for this first here.

Oracle has released "Java Platform, Standard Edition 6 Update 45" also know as 'Java Runtime Environment Version 6.0 Update 45'. This release contains fixes for security vulnerabilities. For more information, see Oracle Java SE Critical Patch Update Advisory and CERT's Alert TA13-107A.

JDK 6u45 contains Olson time zone data version 2012i. For more information, refer to Timezone Data Versions in the JRE Software.

Oracle has released "Java Platform, Standard Edition 7 Update 21" also know as 'Java Runtime Environment Version 7.0 Update 21'. This release contains fixes for security vulnerabilities. A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Oracle strongly recommends that customers apply CPU fixes as soon as possible.

For more information, see Oracle Java SE Critical Patch Update Advisory - April 2013 and CERT's Alert TA13-107A

For more information, see Setting the Level of Security for the Java Client and Java Control Panel.

Adobe hased released Adobe Reader 11.0.2 because of critical vulnerabilities (CVE-2013-0640, CVE-2013-0641) in Adobe Reader and Acrobat XI (11.0.01 and earlier). These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system. 

Adobe is aware of reports that these vulnerabilities are being exploited in the wild in targeted attacks designed to trick Windows users into clicking on a malicious PDF file delivered in an email message.

Adobe recommends users update their product installations to the latest versions:

• Users of Adobe Reader XI (11.0.0) for Windows and Macintosh should update to Adobe Reader XI (11.0.1).
• For users of Adobe Reader X (10.1.4) and earlier versions for Windows and Macintosh, who cannot update to Adobe Reader XI (11.0.1), Adobe has made available the update Adobe Reader X (10.1.5).
• For users of Adobe Reader 9.5.2 and earlier versions for Windows and Macintosh, who cannot update to Adobe Reader XI (11.0.1), Adobe has made available the update Adobe Reader 9.5.3.
• Users of Adobe Acrobat XI (11.0.0) for Windows and Macintosh should update to Adobe Acrobat XI (11.0.1).
• Users of Adobe Acrobat X (10.1.4) and earlier versions for Windows and Macintosh should update to Adobe Acrobat X (10.1.5).
• Users of Adobe Acrobat 9.5.2 and earlier versions for Windows and Macintosh should update to Adobe Acrobat 9.5.3.

More information in APSA13-02 and APSB13-07.

Adobe has released Adobe Shockwave 12.0.0.112 to address vulnerabilities that could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system.  Adobe recommends users of Adobe Shockwave Player 11.6.8.638 and earlier versions update to Adobe Shockwave Player 12.0.0.112.

More information in Adobe Security Bulletin APSB13-06.

Adobe released Adobe Reader 10.1.5 to address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system. Adobe recommends users of Adobe Acrobat X (10.1.4) and earlier versions for Windows and Macintosh should update to Adobe Acrobat X (10.1.5).

Adobe hased released Adobe Reader 11.0.1 to address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe recommends users update their product installations to the latest versions:

• Users of Adobe Reader XI (11.0.0) for Windows and Macintosh should update to Adobe Reader XI (11.0.1).
• For users of Adobe Reader X (10.1.4) and earlier versions for Windows and Macintosh, who cannot update to Adobe Reader XI (11.0.1), Adobe has made available the update Adobe Reader X (10.1.5).
• For users of Adobe Reader 9.5.2 and earlier versions for Windows and Macintosh, who cannot update to Adobe Reader XI (11.0.1), Adobe has made available the update Adobe Reader 9.5.3.
• Users of Adobe Reader 9.5.1 and earlier versions for Linux should update to Adobe Reader 9.5.3.
• Users of Adobe Acrobat XI (11.0.0) for Windows and Macintosh should update to Adobe Acrobat XI (11.0.1).
• Users of Adobe Acrobat X (10.1.4) and earlier versions for Windows and Macintosh should update to Adobe Acrobat X (10.1.5).
• Users of Adobe Acrobat 9.5.2 and earlier versions for Windows and Macintosh should update to Adobe Acrobat 9.5.3.

Adobe released Adobe Reader XI (11.0.0) with enhanced tools for working with PDF files.

• Comment using the PDF annotator. Reader XI comes with a full set of commenting tools. So you can add sticky notes, highlight text, and use lines, shapes, stamps, and a typewriter tool to place comments anywhere on your PDF document.
• Fill out forms. Say goodbye to paper forms. Type your responses right on the PDF form, or click through and fill in the form fields. Then save and submit. That's really all there is to it.
• Sign files with e-signatures. No need to print documents before you sign them. With Reader XI, it’s simple to add your electronic signature to PDFs — and just as easy to get them signed by others.
• Do more with online services. One click in Adobe Reader XI takes you to Adobe online services where you can create PDFs, turn PDFs into Office files, or build fillable PDF forms in minutes.

Also read Steve Gottwals's blog about new functionality like Citrix XenApp support, support for Microsoft App-V including a Package Accelerator, a GPO template and support for Microsoft SCCM/SCUP. The GPO template is part of the Enterprise Toolkit which you can find here.

Adobe released Adobe Reader 10.1.4 to address vulnerabilities in the software that could cause the application to crash and potentially allow an attacker to take control of the affected system.

Adobe recommends users update their product installations to the latest versions:

• Users of Adobe Reader X (10.1.3) and earlier versions for Windows and Macintosh should update to Adobe Reader X (10.1.4).
• Users of Adobe Acrobat X (10.1.3) for Windows and Macintosh should update to Adobe Acrobat X (10.1.4).
• Users of Adobe Acrobat 9.5.1 and earlier versions for Windows and Macintosh should update to Adobe Acrobat 9.5.2.