Wednesday, 24 June 2015

Adobe issues emergency fix for Flash zero-day security flaw





Adobe has issued an emergency patch for a previously undiscovered vulnerability in Flash Player, which the company says is being exploited in the wild.
The company said Tuesday that the latest update of the popular browser plugin, version 18.0.0.194 for both Windows and Macs, fixes a security hole that could allow a hacker to take over an affected system.
"Adobe is aware of reports that CVE-2015-3113 is being actively exploited in the wild via limited, targeted attacks," the company said in a brief advisory.
FireEye researchers discovered the vulnerability was being actively exploited in a phishing campaign earlier this month.

The phishing attempts targeted companies in the aerospace, defense, construction and engineering, tech and telecom, and transportation industries.

The security firm privately reported the flaw to Adobe earlier this month.

Adobe said that the bug was being exploited through "limited, targeted attacks," adding that Internet Explorer users on Windows 7 and earlier are affected, as well as Firefox users on Windows XP.

The company recommended that users update immediately. Chrome users will receive the update automatically.


There was an error in this gadget

Popular Posts

Archive