Adobe Flash patch again just before the end of the year. The publisher publishes a new security patch that fixes a total of 19 security vulnerabilities in Flash Player, but also in the AIR SDK and the environment
The flaws are considered critical and allow an attacker to execute code on the victim machine. All previous versions of Flash to the 20.0.235 version are affected. Adobe also states that one of the flaws corrected is already operated under attacks: CVE-2015-8651 vulnerability is known and used by cybercriminals as part “of limited, targeted attacks.” The Flash maintaining and correcting these flaws is the 20.0.0.267. The correct version is 20.0.0.233 for AIR. Adobe has released a security bulletin summarizing information on the fix.
It’s not such a large patch that aired earlier this month, which corrected no less than 77 different software vulnerabilities to the company. Rest Adobe has offered a loaded 2015 years side vulnerabilities: a total of 316 bugs were unearthed only on Flash! A figure significantly higher than in 2014: according to journalist Michael Horowitz, Adobe patchait about 12 bugs per month in 2014 against 26 per month in 2015.
Several factors come into play to explain this sudden resurgence of vulnerability. Hacking hacking Impact Team, increasing popularity of Flash vulnerabilities among cybercriminals; the reasons are not lacking. Adobe has recently recognized that it was time for the technology to “retire”. The rise of HTML5 also pushes the tool owner of Adobe in the nettles.
No comments:
Post a Comment