Emergency Adobe Flash Patch Fixes Zero Day Under Attack

Found on Threat Post on Tuesday, 23 June 2015

Adobe today released an out-of-band patch for a Flash Player zero-day vulnerability being used in targeted attacks by an APT gang known for its storehouse of exploits targeting unpatched browser-based vulnerabilities.

“Any time one of these groups is using a zero day and casting such a wide net, it’s pretty significant, especially since the activity started in early June and a patch was not released until today,” Oppenheim said. “That’s a big window, and possibly tons of victims affected.”

The biggest bug is Flash itself. It ridden with holes and the top reason for infections. In all the years, Adobe has failed hard to make it at least somewhat secure. The best solution is to just remove it from all your systems and move on. With HTML5, there is no real reason to use this piece of bugware anymore.

Browse all articles« Previous « » Next »