- Adobe Patches Zero-Day Vulnerability in Flash Player
Adobe Patches Zero-Day Vulnerability in Flash Player
silversurfer > 05 December 18, 16:12
Quote:Adobe on Wednesday released several unscheduled fixes for Flash Player, including a critical vulnerability that it said is being exploited in the wild.
The critical vulnerability, You are not allowed to view links. Register or Login to view., is a use-after-free flaw enabling arbitrary code-execution in Flash.
“Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS,” Adobe said in its release. “These updates address one critical vulnerability in Adobe
Flash Player and one important vulnerability in Adobe Flash Player installer. Successful exploitation could lead to arbitrary code-execution and privilege-escalation in the context of the current user respectively.”
The flaw was discovered by Chenming Xu and Ed Miles of Gigamon ATR.
Impacted is Adobe Flash Player Desktop Runtime, Adobe Flash Player for You are not allowed to view links. Register or Login to view.; Adobe Flash Player for Microsoft Edge and Internet Explorer 11; all for versions 220.127.116.11 and earlier. Adobe Flash Player Installer versions 18.104.22.168 and earlier is also affected.
Users of these impacted products can update to version 22.214.171.124, according to Adobe. Users of Adobe Flash Player Installer can update to version 126.96.36.199.
Source: You are not allowed to view links. Register or Login to view.