Adobe has fixed a series of security vulnerabilities in Flash Player
The company said in an advisory Tuesday that the updates will address security flaws that "could potentially allow an attacker to take control of the affected system." The patches aim to fix flaws that could lead to code execution -- in other words, allowing an attacker to run malicious code.
Adobe released an important Flash Player patch to fix a vulnerability over the weekend affecting those who have the Flash Player plugin installed.
The vulnerability, labeled CVE-2015-0311, was featured in the “Angler Exploit Kit,” a toolkit used by hackers. The Angler Exploit Kit is a toolkit that helps hackers initiate mass drive-by-download attacks. Drive-by-download attacks quietly put malware on your computer when you view malicious ads or visit unsecured websites.
Attackers are using compromised websites to exploit a new and currently unpatched vulnerability in Flash Player, a malware researcher has reported.
The new exploit was observed in drive-by-download attacks launched with an exploit kit called Angler, according to an independent researcher who uses the online alias Kafeine.
A little more than 16 months ago, word emerged that the FBI exploited a recently patched Firefox vulnerability to unmask Tor users visiting a notorious child pornography site. It turns out that the feds had waged an even broader uncloaking campaign a year earlier by using a long-abandoned part of the open source Metasploit exploit framework to identify Tor-using suspects.
Adobe has worked with Apple to sandbox Flash Player under Safari in Mac OS X, restricting the ability of attackers to exploit any vulnerabilities they might find in the browser plug-in.
"With this week's release of Safari in OS X Mavericks, Flash Player will now be protected by an OS X App Sandbox," Peleus Uhley, platform security strategist at Adobe, said Wednesday in a blog post. A sandbox is a mechanism that enforces certain restrictions on how an application interacts with the underlying operating system.
Adobe today patched Flash Player, the fifth time this year it's updated the vulnerability-plagued software.
Unlike two of the three updates last month, however, today's was part of Adobe's regularly-scheduled patch cadence.
Adobe released security updates for Flash Player and Shockwave Player on Tuesday in order to address a total of 19 vulnerabilities affecting the two products.
New stand-alone versions of Flash Player 11 were released for Windows, Mac, Linux and Android. The Flash Player plug-ins bundled with Google Chrome and Internet Explorer 10 will be automatically updated through the update mechanisms of the two browsers.
Adobe has issued an emergency fix for Flash to prevent two ongoing malware attacks against the world's most popular Web plug-in.
In an advisory note, Adobe announced the latest release of Flash Player 11.5, which will patch two security zero-day vulnerabilities that are actively being used by hackers and malware writers to spread malware.
Adobe has posted an update to address vulnerabilities in its Flash Player media platform.
The company said that the update would address flaws in all versions of its online media playing tool, including Flash Player for Android 4.0.
Adobe has released yet another security update for Flash Player, to address a new set of six vulnerabilities that even affect the company's most recent patch that was issued just last week.
