See here for the latest Adobe Flash Updates - Adobe Flash Player 19.0.0.245/18.0.0.261 ESR & Adobe AIR 19.0.0.241
10th November 2015 By Kelly Jackson Higgins
Prototype aims to prevent exploits that employ 'use after free' bugs in Windows, Linux, OS X software.
Another day, another Adobe Flash vulnerability: but this time, the researchers who found the bug are also building an attack-mitigation method that would eliminate attacks exploiting bugs like this one.
Attack mitigation methods are nothing new, but to date, they've mostly been isolated to a specific class of bugs or platform, and mainly Windows. Microsoft has led this trend with its DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) mitigation tools built into its software and adopted by many of its third-party application vendors. DEP prevents an exploit from directly injecting and executing code from sections of memory used for data, and ASLR protects against buffer overflow attacks by placing a software process's address space in random areas of memory so it's more difficult for an attacker to execute malware on a machine.
Full Article
Adobe Flash Bug Discovery Leads To New Attack Mitigation Method
Userlevel 7
+54
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.