Adobe Releases Patch for Flash Zero-Day Vulnerability

Adobe has released a security advisory regarding a zero-day vulnerability (CVE-2014-0515) found in the program Adobe Flash. According to the advisory, the updates pertain to “Adobe Flash Player 13.0.0.182 and earlier versions for Windows, Adobe Flash Player 13.0.0.201 and earlier versions for Macintosh and Adobe Flash Player 11.2.202.350 and earlier versions for Linux.”

Adobe has also acknowledged that an exploit for this zero-day exists, targeting Flash players on the Windows platform. If exploited, the zero-day could allow a remote attacker to take control of the system.

Users should install the update as soon as they can. They can check out the version of Flash installed through a page in the Adobe website. Updates for Flash via Internet Explorer and Google Chrome will be done automatically but you may require restarting the browser. For users who rely on browsers other than Internet Explorer, they will need to install the update twice (one for IE and another for the other browser). Microsoft has also released a security advisory related to this vulnerability. For downloading updates, we encourage users to rely on Adobe’s official site as “Adobe updates” are often used by bad guys to deliver malware and other threats to users.

We will continue to monitor this threat and provide new information as necessary.

Post from: Trendlabs Security Intelligence Blog – by Trend Micro

Adobe Releases Patch for Flash Zero-Day Vulnerability

Read more: Adobe Releases Patch for Flash Zero-Day Vulnerability

Story added 28. April 2014, content source with full text you can find at link above.