cancel
Showing results for 
Search instead for 
Did you mean: 

Not to be outdone by Microsoft, Adobe announces zero-day exploit patch for Flash

Highlighted
Community Expert Advisor

Not to be outdone by Microsoft, Adobe announces zero-day exploit patch for Flash

Not to be outdone by Microsoft, Adobe announces zero-day exploit patch for Flash
by Paul Ducklin


Hot on the heels of Microsoft's Internet Explorer (IE) zero-day announcement comes an Adobe bulletin about a zero-day in Flash.

Readers who saw our recent story about Microsoft's zero-day will know that although that bug is entirely in Microsoft's code, the exploits currently seen "in the wild" rely on a Flash file to get things going.

In the IE attacks, Flash is used by the attackers to get their ducks in a row in memory, so to speak, thus creating the circumstances needed make their exploit on IE succeed. Adobe's newly-announced Flash exploit is unrelated: APSB14-13 is a bug in Flash itself that apparently allows remote code execution. That means that you could be infected just by viewing a Flash file in your browser.

 

Full Article

Sr. Community Leader

Beta Tester



WEBROOT® SecureAnywhere™ Internet Security Complete Beta
macOS Sierra & Windows 10 Pro 64