light bulb

Did You Know?



Reply
Posts: 849
Topics: 174
Kudos: 452
Registered: ‎10-03-2012

Not to be outdone by Microsoft, Adobe announces zero-day exploit patch for Flash

Not to be outdone by Microsoft, Adobe announces zero-day exploit patch for Flash
by Paul Ducklin


Hot on the heels of Microsoft's Internet Explorer (IE) zero-day announcement comes an Adobe bulletin about a zero-day in Flash.

Readers who saw our recent story about Microsoft's zero-day will know that although that bug is entirely in Microsoft's code, the exploits currently seen "in the wild" rely on a Flash file to get things going.

In the IE attacks, Flash is used by the attackers to get their ducks in a row in memory, so to speak, thus creating the circumstances needed make their exploit on IE succeed. Adobe's newly-announced Flash exploit is unrelated: APSB14-13 is a bug in Flash itself that apparently allows remote code execution. That means that you could be infected just by viewing a Flash file in your browser.

 

Full Article

Sr. Community Leader

Beta Tester



Webroot® SecureAnywhere™ Internet Security Complete Beta v8.0.7.28 & VoodooShield Beta v2.23m