Adobe Patches Flash Player Zero-Day Flaw Already Under Attack

Exterminator

Exterminator

Level 85
Thread author
Verified
Top Poster
Well-known
Oct 23, 2012
12,527
Adobe has released its Adobe Tuesday security patches, fixing security flaws in a total of nine software solutions, including Flash Player, ColdFusion Builder, and InDesign.

One of the critical patches, however, is APSB16-39 Security update available for Adobe Flash Player, which is specifically supposed to address no less than 16 security bugs in Flash, one of which could allow remote code execution if successfully exploited.

And chances are it could easily be successfully exploited, with Adobe confirming that it’s already seeing attacks aimed at users and trying to take advantage of this vulnerability. It goes without saying that Flash Player users should prioritize development of this patch, and the Flash Player version you should be looking for is 24.0.0.186.

Adobe Flash Player Desktop Runtime, as well as Google Chrome, Microsoft Edge, and Internet Explorer 11 are all rated with a “1” priority rating (the highest priority rating available in Adobe’s patching cycle), while Adobe Flash Player for Linux is rated “3.” Everyone should patch Flash Player quickly, though.

0-day flaw already exploited
“Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system,” Adobe explains in its security advisory.

“Adobe is aware of a report that an exploit for CVE-2016-7892 exists in the wild, and is being used in limited, targeted attacks against users running Internet Explorer (32-bit) on Windows.”

In the case of Microsoft users running Internet Explorer and Edge, the Flash Player update is shipped via Windows Update, as the application is integrated into the browser.

Adobe is also patching other products in its lineup, and although they are rated as critical, the company isn’t saying anything about any active exploits being used in attacks against users. Obviously, you are recommended to install all Adobe patches as soon as possible to remain secure.
Click to expand...
 
  • Like
Reactions: Deleted member 2913, aragornnnn, harlan4096 and 4 others
Svoll

Svoll

Level 13
Verified
Top Poster
Well-known
Nov 17, 2016
627
Tony Cole said:
Google Chrome is now going to block Adobe Flash (thank god! Worse software ever!) can I just block Flash via Chrome://plugins or will that affect web pages?
Click to expand...

Only on pages that require Flash, right now there is one site I go to for my sitcoms that still require flash, Unless I am on that site to view the show, its disable all the time. Most sites are moving to HTML5, and I hope CBS will transition to it soon.
 
  • Like
Reactions: Tony Cole, Deleted member 2913, shmu26 and 1 other person
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
Security News ZDI: The October 2024 Security Update Review
Replies
2
Views
1,495
Security News
Gandalf_The_Grey
Gandalf_The_Grey
silversurfer
    • Like
    • +Reputation
CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability
Replies
0
Views
1,366
News Archive
silversurfer
silversurfer
Gandalf_The_Grey
    • Like
    • +Reputation
ZDI: The October 2023 Security Update Review
Replies
2
Views
1,574
News Archive
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top