Update(2): 10/16
Adobe releases a fix to patch this vulnerability with Flash Player version 19.0.0.226. You should download the latest version immediately if you are using Flash.
Update: 10/16
The Flash zero-day was actually reported by a Google engineer two weeks prior to it being found in the wild. Natalie Silvanovich from Google Project Zero initially posted a report on Sept 29th.
– –
A new Flash Player zero-day has been found in the wild and is being used in targeted attacks. Adobe has published a security bulletin and said it expects to release a patch during the week of October 19.
The vulnerability which has been assigned as CVE-2015-7645 is rated critical and affects Adobe Flash Player 19.0.0.207 and earlier versions.
This means that even if you are running the latest version of this program, you are still vulnerable and can get infected by simply browsing the web, even on sites that you trust.
2015 has been a very bad year for the Flash Player and given that a patch won’t be available for several more days it is crucial to take immediate action to protect yourself. Indeed, this window of opportunity is something that exploit kit authors have taken advantage of in the past to infect scores of end users
Now is the time for you to seriously consider disabling or removing the Flash Player from your browser. For those that can’t do without it (many sites still require it), we strongly recommend that you use an exploit mitigation tool such as Malwarebytes Anti-Exploit.
We will keep you posted of further developments on this new zero-day.
COMMENTS
Pingback: Another security flaw affects all versions of Adobe Flash -()
Pingback: Another security flaw affects all versions of Adobe Flash | Tech Camp()
Pingback: Another security flaw affects all versions of Adobe Flash | Expressivus()
Pingback: Another security flaw affects all versions of Adobe Flash | technology market()
Pingback: Another security flaw affects all versions of Adobe Flash | Technology News: breaking news and analysis on computing, the web, blogs, games, gadgets, social media, broadband and more.Technology News: breaking news and analysis on computing, the web, blogs()
Pingback: Another security flaw affects all versions of Adobe Flash | Geek Blog()
Pingback: Another security flaw affects all versions of Adobe Flash | Tech Domes()
Pingback: Another security flaw affects all versions of Adobe Flash | OPI Technology()
Pingback: Another security flaw affects all versions of Adobe Flash | XNews.Ga()
Pingback: Brand New Security Flaw Affects All Versions of Flash Just One Day After Update Was Released - PC Privacy Shield()
Pingback: New Flash Player Zero-Day vulnerability | NewZSentinel()
Pingback: Recent Flash Zero-Day Now Part of Exploit Kits | Malwarebytes Unpacked()
Pingback: Magnitude Exploit Kit Activity Increases Via Malvertising Attacks | Malwarebytes Unpacked()
Pingback: Magnitude Exploit Kit Activity Increases Via Malvertising Attacks | Secured Universe News()
Pingback: Zero-Day Malware Archive | Internet Crime Fighters Organization News, Tips, Media()
Pingback: Computer Network Threats Archive | Internet Crime Fighters Organization()