Critical Adobe Flash bug under active attack currently has no patch

  • 15 June 2016
  • 5 replies
  • 622 views

Userlevel 7
Badge +54

Exploit works against the most recent version; Adobe plans update later this week.

by Dan Goodin (US) - Jun 14, 2016
 
Attackers are exploiting a critical vulnerability in Adobe's widely used Flash Player, and Adobe says it won't have a patch ready until later this week.
 
The active zero-day exploit works against the most recent Flash version 21.0.0.242 and was detected earlier this month by researchers from antivirus provider Kaspersky Lab, according to a blog post published Tuesday by Costin Raiu, the director of the company's global research and analysis team. It's being carried out by "ScarCruft," the name Kaspersky has given to a relatively new hacking group engaged in "advanced persistent threat" campaigns that target companies and organizations for high-value information and data. Raiu wrote:
 
Full Article

5 replies

Userlevel 7
And another Flash issue arises, eh? Well, I suppose that we should be enured to that regular occurence...:(
Userlevel 7
Badge +11
You would of thought that Adobe would be more cautious than ever due to recent issues, apparently not :( 
Userlevel 7
Badge +34
I'll be very pleased when I can finally uninstall Adobe Flash. In the meantime I have it set to "Ask to Activate" in Firefox  which is a lot safer than "Always Activate".
Userlevel 4
Webroot should handle it nicely I think if it should come up.
Adobe seems a bit slow in keeping up with things it seems.
 
Tony
Userlevel 7
Badge +56
Thanks Jeff!
 
Daniel 😉

Reply