Adobe closes critical vulnerability in Flash

Spread the love

Adobe has released a patch for 19 Flash vulnerabilities. In its own words, one of the vulnerabilities is considered critical. That vulnerability is already being used by attackers in limited and targeted attacks. Adobe recommends updating within three days.

Adobe describes the vulnerabilities in a security bulletin. The company also mentions that the vulnerability with number cve-2015-8651 is already being used by attackers. Huawei security officers, who discovered the leak, describe it as integer overflow. According to Adobe, attackers could be able to take over an affected system.

The update is version 20.0.0.267. Some browsers, such as Chrome and certain versions of Internet Explorer, automatically update the embedded version of Flash. Adobe released a patch earlier this month with updates for 79 vulnerabilities. However, none of these would have been used in an attack, the company said. The sheer amount of security vulnerabilities is a reason for some companies to move away from Flash. For example, Facebook recently announced its move to HTML5 for videos.

You might also like