Header Ads

Adobe issues patch for exploitable vulnerability in flash



Adobe Flash Player

Adobe has published a Security Bulletin for CVE-2014-0497. The new Security Bulletin, APSB14-04, identifies an integer underflow vulnerability which affects various versions of Adobe Flash Player across multiple platforms. Exploitation of this critical vulnerability could allow an attacker to remotely execute arbitrary code. Adobe has acknowledged that exploitation of the vulnerability has been reported in the wild.

Per the bulletin, the following versions of Adobe Flash Player are vulnerable:

  • Adobe Flash Player 12.0.0.43 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.335 and earlier versions for Linux

Symantec Security Response is continuing to monitor the situation for additional information related to this vulnerability and will provide further guidance once it is available. They recommend applying the vendor supplied patches to mitigate possible exploitation.

Updates can be obtained directly from the Adobe Flash Player Download Center or by accepting the update prompt through the installed product. Versions of Flash Player embedded in Chrome and Internet Explorer can be updated to non-vulnerable versions by updating the respective browsers.

Source: Symantec



Back to top

No comments:

Powered by Blogger.