• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Adobe Urges Users to Update After Finding New “Actively Exploited” Flash Vulnerability


    This past week, another severe flaw in Adobe’s Flash Player was discovered and is being “actively exploited,” according to the company. Users with Flash installed are being urged to upgrade to the latest version as soon as possible. The flaw, which was assigned CVE ID 2015-3113, affects version 18.0.0.161 of the Flash Player and earlier as well as Flash Player Extended Support Release version 13.0.0.292 and earlier on both the Mac and on Windows. Adobe said that it was aware of “limited, targeted attacks” exploiting this flaw in a security advisory. Known attacks were limited to systems using Windows for the time being.

    Based on data from the National Vulnerability Database, CVE-2015-3113 is a “heap-based buffer overflow” which “allows remote attackers to execute arbitrary code via unspecified vectors.”

    Mac owners with Flash installed separately are being urged to update to version 18.0.0.194. If you are one of the many who either have the Flash Player’s automatic update capability enabled or for those of you who use Chrome (which uses its own version of Flash), should have already received the patch. You can check the version of Flash installed on your system by visiting Adobe’s About Flash Player page or right-clicking on Flash content in their browser and choosing “About Adobe (or Macromedia) Flash Player” from the contextual menu.

    If you feel like you rather just enable automatic updates to help make sure that you get the latest needed updates in the future, instructions for how to enable the automatic update feature can be found here. It might not be a bad idea as Flash is still quite popular on various websites and Adobe doesn’t have the best track record for being secure.

    Source: Adobe (Security Bulletin) (Flash Player About) (Forum)
    This article was originally published in forum thread: Adobe Urges Users to Update After Finding New “Actively Exploited” Flash Vulnerability started by Akshay Masand View original post