Adobe has issued an out-of-band patch for its Flash player that addresses 19 vulnerabilities, including one zero-day flaw.
In a security advisory, Adobe said that it is “aware of a report that an exploit for CVE-2015-8651 is being used in limited, targeted attacks.”
It described the exploit as an “integer overflow vulnerability that could lead to code execution”.
Qualys CTO Wolfgang Kandek said in a blog post that the update would have been released in January 2016 had it not been for the zero-day, which required out-of-band patching.
“As with all zero-days fixes this one deserves special attention and a quick turnaround,” he said.
Security blogger Brian Krebs used the disclosure of the zero-day to again encourage web users to reconsider Flash use.
_(36).jpg&h=140&w=231&c=1&s=0)
_(33).jpg&h=140&w=231&c=1&s=0)
Melbourne Cloud & Datacenter Convention 2026
iTnews Executive Retreat - Data & AI Edition
The 2026 iAwards
_(1).jpg&h=140&w=231&c=1&s=0)
