Last week, experts, Trend Micro reported about a critical 0day-bug, which affected everything versions of Adobe Flash, including the latest 19.0.0.185 and 19.0.0.207. Moreover, information security experts warned that hackers are already exploiting dangerous “hole”. Of Adobe, just to eliminate 69 different vulnerabilities in their products, was forced to issue another emergency patch.
Let me remind you that, according to Trend Micro, a dangerous bug exploited by Russian hackers group known as the APT28, Sednit, Fancy Bear, Sofacy or Tsar Team. The exploit was used primarily for the attacks on the Ministry of Foreign Affairs and other countries. However, vulnerability and threat carried millions of ordinary users (who, for some strange reason, still use Flash). The bug allows an remote code execution on the victim machine, hitting the system through a malicious SWF-file.
Baga exposed:
- Adobe Flash Player 18.x to version 18.0.0.252 on Microsoft Windows platforms and Mac OS X.
- Adobe Flash Player 19.x to version 19.0.0.207 on Microsoft Windows platforms and Mac OS X.
- Adobe Flash Playerx to version 11.2.202.535 on Linux.
Adobe has released Security Bulletin APSB15-27, which reported the correction of three critical vulnerabilities: CVE-2015-7645, CVE-2015-7647 and CVE-2015-7648. What critical bugs discovered in addition to experts from Trend Micro, have been corrected, the company does not report. That is, Adobe Patches Flash Player Zero-day Vulnerability.
Corrections relate to the following products:
- Adobe Flash Player Desktop Runtime
- Adobe Flash Player Extended Support Release
- Adobe Flash Player for Google Chrome
- Adobe Flash Player for Google Chrome
- Adobe Flash Player for Microsoft Edge and Internet Explorer 11
- Adobe Flash Player for Internet Explorer 10 and 11
- Adobe Flash Player for Linux
