Patch Adobe Flash Now Exploit Detected in the Wild
Adobe has issued patches for Flash to address multiple vulnerabilities, including a use-after-free zero-day flaw in the in the ActionScript 3 ByteArray (CVE-2015-5119), which could allow a remote attacker to execute arbitrary code on a targeted system.
“Adobe has released security updates for Adobe Flash Player for Windows, Macintosh and Linux. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system,” an advisory states.
“Adobe is aware of a report that an exploit targeting CVE-2015-5119 has been publicly published.”
The vulnerability was discovered along with other proof-of-concept exploits in data that was leaked in the recent Hacking Team breach, a company known to sell communication interception and surveillance tools.
Figure A shows a sample post made to the Hacking Team Twitter account.
Flash Player versions 9.0 through version 18.0.0.194 are impacted by the vulnerability, which can allow attacker-controlled memory corruption in a targeted system.
Adobe recommends users apply the updates immediately:
Adobe recommends users of the Adobe Flash Player Desktop Runtime for Windows and Macintosh update to Adobe Flash Player 18.0.0.203 by visiting the Adobe Flash Player Download Center or via the update mechanism within the product when prompted.
Adobe recommends users of the Adobe Flash Player Extended Support Release update to version 13.0.0.302 by visiting https://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html.
Adobe recommends users of Adobe Flash Player for Linux update to Adobe Flash Player 11.2.202.481 by visiting the Adobe Flash Player Download Center.
Adobe Flash Player installed with Google Chrome will be automatically updated to the latest Google Chrome version, which will include Adobe Flash Player 18.0.0.203 on Windows and Macintosh, and Flash Player 18.0.0.204 on Linux.
Adobe Flash Player installed with Internet Explorer for Windows 8.x will be automatically updated to the latest version, which will include Adobe Flash Player 18.0.0.203.
The post Patch Adobe Flash Now – Exploit Detected in the Wild appeared first on Darkmatters.
MailShark
Free anti-spam service
Free email filter service
Related MailShark Articles
Cybercrime Week in Review 4 July 2015 Posted in Global Spam News
Malvertising set to wreak one BILLION dollars in damage this year Posted in Global Spam News
Cybercrime Week in Review 18 July 2015 Posted in Global Spam News
Cybercrime Week in Review 11 July 2015 Posted in Global Spam News
Cybercrime Week in Review 27 June 2015 Posted in Global Spam News
Cybercrime Week in Review 24 October 2015 Posted in Global Spam News
Cybercrime Week in Review 17 October 2015 Posted in Global Spam News
Cybercrime Week in Review 26 September 2015 Posted in Global Spam News
Cybercrime Week in Review 8 August 2015 Posted in Global Spam News
Cybercrime Week in Review 9 May 2015 Posted in Global Spam News
