welcome

This website uses cookies to ensure you get the best experience on our website.
Please scroll to the bottom of page to read the notice if you are coming from the European Union...

Saturday, June 18, 2016

Delete Or Update All Adobe Flash Player Instances, Experts Warn (threatpost.com)

An article from Bank Info Security:  


Security experts are once again warning enterprises to immediately update -- or delete -- all instances of the Adobe Flash Player they may have installed on any system in the wake of reports that a zero-day flaw in the web browser plug-in is being targeted by an advanced persistent threat group.... 

The bug exists in Adobe Flash Player 21.0.0.242 and earlier versions -- running on Windows, Mac, Linux, and Chrome OS -- and "successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system."

Thursday Adobe released an updated version of Flash patching 36 separate vulnerabilities, including
the critical vulnerability which "if exploited would allow malicious native-code to execute, potentially without a user being aware."

While applauding Adobe's quick response, researchers at Kaspersky Lab say it's already been exploited in Russia, Nepal, South Korea, China, India, Kuwait and Romania, and BankInfoSecurity writes that "The latest warning over this campaign reinforces just how often APT attackers target Flash, thus making a potential business case for banning it for inside the enterprise."

No comments:

Post a Comment