I am having an argument with my 3rd party match management vendor - Secunia/Flexera, and I am curious how other vendors handle this situation.
Recently, Adobe released a security update for Flash-- 20.0.0.267 that had a bug in it and then a couple of days later released 20.0.0.270 to correct the bug. I need to patch Flash because there are security vulnerabilities in version 20.0.0.235. The only option Secunia has for us is to deploy version 20.0.0.267 which corrects known security vulnerabilities, but has a known critical functional bug. Secunia refuses to offer 20.0.0.270 because they consider it a "bug fix" and not a "security update" Secunia is in the business of patching security vulnerabilities not supplying patches that fix functional bugs. I am curious to know how the other patch vendor solutions are handling this issue. Does your third party patch solution offer all patches for Flash or only ones that plug security holes? ________________________________ Notice: This UI Health Care e-mail (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and may be legally privileged. If you are not the intended recipient, you are hereby notified that any retention, dissemination, distribution, or copying of this communication is strictly prohibited. Please reply to the sender that you have received the message in error, then delete it. Thank you. ________________________________
