Adobe tackles Flash zero-days with mega patch

By on
Adobe tackles Flash zero-days with mega patch

Eighteen vulnerabilities addressed.

Two days after reports of yet another zero day vulnerability surfacing in Adobe's Flash Player software, the company has issued a patch set to address several flaws.

The latest patch collection addresses CVEs 2015-0313 to 0330, plugging a total of 18 vulnerabilities.

Of these, 15 vulnerabilities could be used by attackers to execute arbitrary code on users' machines, the company said.

The CVE-2015-0313 vulnerability is currently being exploited by attackers serving up malicious advertisements that infect computer systems with no user interaction required.

Adobe warned that the updates were rated as critical and have the highest priority. Administrators are advised to upgrade Flash Player as soon as possible.

Microsoft Windows and Apple OS X users should upgrade to Flash Player 16.0.0.305 or the 13.0.0.269 Extended Support Release, and Linux users should upgrade to 11.2.202.442.

Google and Microsoft will issue automatic updates for their Chrome and Internet Explorer web browsers, which have Flash Player built in.

Adobe credited Google's Project Zero security team and the Chromium Vulnerability Rewards Program with reporting most of the vulnerabilities. 

Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?