New Flash Player vulnerabilities

Status
Not open for further replies.
L

LabZero

Thread author
The spread of data stolen in HackingTeam allowed to bring out two more security vulnerabilities in Adobe Flash that allow an attacker to take control of target computers simply by visiting a link (one of the favorite techniques of HackingTeam).

These two new flaws have not for now a corrective update!

Adobe is racing to create and deploy the update to correct these vulnerabilities, but meanwhile, cybercriminals are already using at least one of them, so it is highly recommended that you uninstall, disable or block Flash to run automatically. Among other things, probably will not feel the lack; Indeed, you'll notice that many sites will load faster because Flash content (usually advertisements) are not read.

The Flash flaws are labeled CVE-2015-5122 and -5123 and are present in versions of Windows, Linux and OS X Adobe plug-in. Adobe has said that these new flaws will be corrected next week. Until then, use more caution than usual, even on good reputation because many attacks come from Flash advertising, which are not handled by the same sites but are submitted by ad networks, that are targeted by cybercriminals.

Update 2015.07.13

Regards Klipsh :)
 
  • Like
Reactions: ElectricSheep, JM Safe, jamescv7 and 3 others
C

Cch123

Level 7
Verified
May 6, 2014
335
*Cough cough While everyone is so focused on the Adobe flash exploits, let's not forget about the far more dangerous and as of yet unpatched Windows Kernel exploit inside the files.
 
  • Like
Reactions: Cats-4_Owners-2 and LabZero
Cats-4_Owners-2

Cats-4_Owners-2

Level 39
Verified
Honorary Member
Top Poster
Well-known
Dec 4, 2013
2,800
After falling gloriously to sleep before the sun set,:D it is now the middle of the night here & I am wide awake & alerted to Windows
:eek:vulnerabilities.:rolleyes: Although I happen to be typing from linux (at the moment) I've still activated <click> to play for Chrome. Check.
Now, @Cch123's mention of 'Windows un-patched kernel exploit' shall have to wait until daylight clears the mountains to the east. Thanks to delicious pizza,,and the fine folks on MT, it is now time to dream for at least 2 more hours!;) :p:D
 
  • Like
Reactions: ElectricSheep, JM Safe, Cch123 and 2 others
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
You may use Flash player with your control, those patches are been fixed immediately + you have a very minimal chance to infect if you are just going to the same sites to play video.

Based on my observation alongside of investigation cause novice + advance users are never been infected of unpatched Flash Player.
 
  • Like
Reactions: JM Safe, Cats-4_Owners-2 and LabZero
Status
Not open for further replies.

Similar threads

MuzzMelbourne
    • Wow
    • Like
    • +Reputation
Firmware vulnerabilities in millions of computers could give hackers superuser status
Replies
1
Views
1,324
News Archive
cartaphilus
cartaphilus
Gandalf_The_Grey
    • Like
    • +Reputation
    • Thanks
Microsoft June 2023 Patch Tuesday fixes 78 flaws, 38 RCE bugs
Replies
2
Views
902
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
MuzzMelbourne
    • Like
    • +Reputation
    • Applause
ASUS urges customers to patch critical router vulnerabilities
Replies
2
Views
1,069
News Archive
blackice
blackice

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top