Goto

Collaborating Authors

South Korea identifies Flash 0-day in the wild

ZDNet

Late last week, South Korea's CERT identified a use-after-free exploit that impacted Adobe Flash versions 28.0.0.137 and earlier and could allow for remote code execution across Windows, macOS, Linux, and Chrome OS.


Windows users attacked via critical Flash zero-day: Patch now, urges Adobe

ZDNet

Advanced hackers have demonstrated that you really don't need browsers to exploit Flash Player vulnerabilities on Windows. Office does the job just fine. Adobe has released an update to address a critical flaw affecting Flash Player that is actively being exploited, otherwise known as a zero-day flaw. Adobe is urging users to update from Adobe Flash Player 29.0.0.171 to the patched version, 30.0.0.113. It also addresses three other flaws.


Windows security: Google flags up new critical Adobe Flash Player flaw

ZDNet

Google told Adobe that an exploit for the bug is in the wild and is being used to attack machines running Windows 10, as well as Windows 7 and Windows 8.1. Software firm Adobe has rushed out a patch for a critical flaw in Flash Player, which Google's security researchers have discovered is being used to attack Windows. The bug, a use-after-free memory issue, was reported by members of Google's Threat Analysis Group. "These updates address a critical vulnerability that could potentially allow an attacker to take control of the affected system," Adobe said. The massive cyberattacks which took down some of the most popular websites on the internet show that device manufacturers are not learning from the mistakes of the past.