Adobe has issued an out-of-band patch for its Flash player that addresses 19 vulnerabilities, including one zero-day flaw.
In a security advisory, Adobe said that it is “aware of a report that an exploit for CVE-2015-8651 is being used in limited, targeted attacks.”
It described the exploit as an “integer overflow vulnerability that could lead to code execution”.
Qualys CTO Wolfgang Kandek said in a blog post that the update would have been released in January 2016 had it not been for the zero-day, which required out-of-band patching.
“As with all zero-days fixes this one deserves special attention and a quick turnaround,” he said.
Security blogger Brian Krebs used the disclosure of the zero-day to again encourage web users to reconsider Flash use.
_(33).jpg&h=140&w=231&c=1&s=0)
_(36).jpg&h=140&w=231&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
Huntress + Eftsure Virtual Event -Fighting A New Frontier of Cyber-Fraud: How Leaders Can Work Together
iTnews Cloud Covered Breakfast Summit
Live & Hands On Demo: Navigating the BMC AMI DevX Platform to Understand Code Faster Using AI
Melbourne Cloud & Datacenter Convention 2026
.jpg&h=271&w=480&c=1&s=1)
_(1).jpg&h=140&w=231&c=1&s=0)
