Adobe patches Flash to quash last two zero-days unearthed in Hacking Team’s cache

Adobe today patched Flash Player to quash a pair of zero-day vulnerabilities found in the massive cache of documents hackers stole from the Hacking Team surveillance company.

Earlier Tuesday, Google patched its Chrome browser with an updated version of Flash, signaling that Adobe would soon follow suit.

But Microsoft dropped the ball, having not only not yet patched Flash in its Internet Explorer 11 (IE11) or the default Edge browser in Windows 10, but ignoring the firestorm about the wave of Flash zero-days that have set some urging users to dump the plug-in.

“Mum’s the word about Flash from Microsoft,” tweeted Andrew Storms, vice president of security services at San Francisco-based security consultancy New Context. Storms was referring to the omission of any mention of the Flash flaws in the brief blog Tuesday attributed to the Microsoft Security Response Center (MSRC).

To read this article in full or to leave a comment, please click here