Friday, 18 March 2016

Adobe Issues Emergency Patch For Flash Bug

Adobe

Adobe Issued Emergency Patch for Flash Media Player


Emergency patch for Flash media player had been issued by Adobe to close the loopholes in the most popularly used software. Adobe had mentioned in its security advisory, that they are aware of a report that an exploit for CVE-2016-1010 is being used in limited targeted attacks and the notice advised Flash users to install the update at the earliest. The patch in total closes 23 separate security bugs in Flash player.

Those invading the security holes would be in a position of overtaking a computer and steal valuable data or spy on the owner of the system. For updates, users need to apply the patch quickly since several of the problem related seems to be critical and of the highest level. The holes are found in Flash and in versions of the other Adobe programs utilised on several platforms and devices.

Those devices at risk comprise of Windows machines, Macs and Linus computers together with phone running Android and iOS. Several different security researches inclusive of experts at Alibaba, Kaspersky Labs, Google and Microsoft had alerted Adobe to the issue with its Flash player. Most of the security firms have suggested that users could uninstall the flash player in order to refrain from being victim to malicious attachments or booby-trapped webpages.

Recommended to Uninstall Flash/Java/Silverlight


The patch brings about the latest version of Flash to 21.0.0.182 for Windows and Mac and 11.2.202.577 for Linux. Readers are recommended to uninstall Flash, Java and Silverlight browser extensions to check if they are essential. For several individuals, it is not essential and the reduced attack surface had lowered the chances of being visited by remote code-execution attacks.

Those who tend to depend on Flash in order to access the intranet of a company or any other site should consider utilising a dedicated browser for the same. In an effort at preventing attackers, several of the web firms have now stopped using Flash. Recently most of the other companies had issued security patches and the update of Firefox closed 40 single susceptibilities, which were over half of those considered as critical.

Security Bulletin Released By Adobe


Besides, Google has also issued for Chrome an update which among others had closed three security holes considered as `high’ severity and paid bug bounties amounting to $13,000 to the two researchers who had exposed the loopholes. Microsoft had recently issued its steady monthly security update which had attempted 13 issues in various programs comprising of the Internet Explorer as well as Edge browsers.

A security bulletin APSB16-08 had been released by Adobe acknowledging Kaspersky Lab for reporting CVE-1015-1010. The exposure could probably enable an attacker to take control of the affected system. The researchers of Kaspersky Lab researchers observed the usage of this weakness in a limited number of target attacks.

Adobe had mentioned in a December statement that though standards such as HTML5 would be the web platform for the future for all devices, Flash tends to continue to be utilised in main categories like Web gaming as well as premium video wherein fresh standards would have to be fully mature.

No comments:

Post a comment

Note: only a member of this blog may post a comment.