Menu
Emergency Flash Player updates fix vulnerability used in widespread attacks

Emergency Flash Player updates fix vulnerability used in widespread attacks

A total of 36 flaws were patched, many of them critical

Flash Player installation

Flash Player installation

Adobe Systems was forced to rush the release of a Flash Player update after an exploit for a previously unknown vulnerability was leaked on the Internet and quickly adopted by cybercriminals.

Users are advised to upgrade to the newly released Flash Player 18.0.0.203 for Windows and Mac, Flash Player 11.2.202.481 for Linux, or Flash Player 13.0.0.302, if they're on the extended support channel.

The Flash Player plug-in bundled with Google Chrome and Internet Explorer on Windows 8.x will be automatically updated.

The company also released version 18.0.0.180 of the AIR runtime, AIR SDK and AIR SDK & Compiler, because these products also bundle Flash Player.

The new updates fix a total of 36 vulnerabilities, 17 of which could lead to remote code execution.

The most important of the patched flaws is called CVE-2015-5119 and has been publicly known since Tuesday, when security researchers found an exploit for it among corporate files leaked from a surveillance software developer called Hacking Team.

The exploit was likely used by Hacking Team's customers, who are mostly government agencies, to silently install the company's surveillance software on their targets' computers.

Security vendor Trend Micro found evidence that the exploit was used in targeted attacks against users in South Korea and Japan at the end of June and beginning of July. Since these attacks happened before the exploit was leaked publicly, it's likely that they were launched by someone with access to Hacking Team's tools, such as one of the company's customers.

After the public leak it took cybercriminals only a day to integrate the exploit into large-scale attack tools, significantly raising the risk for regular Internet users. Because of that, everyone should install the new Flash Player updates as soon as possible.


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags securitypatch managementtrend microintrusionpatchesAdobe SystemsExploits / vulnerabilitiesHacking Team

Featured

Slideshows

Looking back at the top 15 M&A deals in NZ during 2017

Looking back at the top 15 M&A deals in NZ during 2017

In 2017, merger and acquisitions fever reached new heights in New Zealand, with a host of big name deals dominating the headlines. Reseller News recaps the most important transactions of the Kiwi channel during the past 12 months.

Looking back at the top 15 M&A deals in NZ during 2017
Kiwi channel closes 2017 with After Hours

Kiwi channel closes 2017 with After Hours

The channel in New Zealand came together to celebrate the close of 2017, as the final After Hours played out in front of a bumper Auckland crowd.

Kiwi channel closes 2017 with After Hours
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP honoured leading partners across the channel at the Partner Awards 2017 in New Zealand, recognising excellence across the entire print and personal systems portfolio.

Meet the top performing HP partners in NZ
Show Comments