• Home
  • Apps
  • Apps News
  • Adobe Flash Player Critical Vulnerability Hits Windows Users, Fix Issued

Adobe Flash Player Critical Vulnerability Hits Windows Users, Fix Issued

 
Share on Facebook Tweet Share Share Reddit Comment
Adobe Flash Player Critical Vulnerability Hits Windows Users, Fix Issued

Highlights

  • The patch has been issued in version 30.0.0.113
  • It has been addressed for version 29.0.0.171
  • Adobe recommends installing the update urgently

Adobe has released a priority update to plug a critical security flaw in its popular Flash Player on Windows. As per an official announcement by the company, the latest patch will address issues in Adobe Flash Player 29.0.0.171 and other earlier versions. The vulnerabilities, according to Adobe, are being used by hackers to embed malicious content distributed via email.

Security firm Icebrg on Thursday announced that a zero-day vulnerability has led to exploitation in Adobe Flash specifically targeted towards users in the Middle East. The vulnerability (CVE-2018-5002) enables attackers to execute certain actions by executing code on the victims' computers. As per the blog post, the exploit uses a Microsoft Office document for the attack. To circumvent the fact that Adobe Flash is blocked on most browsers, the exploit involves loading Flash Player from within Microsoft Office. The flaw was reported by Icebrg in collaboration with Qihoo 360 Core Security.

"While this attack leveraged a zero-day exploit, individual attacker actions do not happen in isolation. There are several other behavioural aspects that can be used for detection. Any single observable might be low confidence but multiple observables clustered might be indicative of suspicious or malicious activity," said Icebrg staff in its blog post.

Of course, this is not the first instance wherein Flash Player's vulnerabilities have been exploited. Back in October last year, the company had issued a security patch to fix a critical leak.

Users have been strongly recommended to update Adobe Flash in order to avoid any such vulnerabilities seeping into your machines. The update, however, is not a guarantee towards protection against future discrepancies. It is thus advised to enable flash on only a secondary browser that is not used majorly on the computer.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Further reading: Adobe Flash, Adobe, Flash Player
Samsung Galaxy S9+ Bestselling Smartphone in April, iPhone X Slides Down to Third: Counterpoint
Google's AI-Based 'Project Oasis' Terrarium Simulates Real-World Weather Conditions
 
 

Advertisement

 

Advertisement