Adobe announced today μια ενημέρωση έκτακτης ανάγκης μόνο που θα κυκλοφορήσει την Πέμπτη 16 Ιουνίου. Το επερχόμενο patch θα καθορίσει ένα zero-day (πού αλλού;) στο Flash Player, who are currently using it for targeted attacks.
According to Anton Ivanov and Costin Raiu of Kaspersky, the vulnerability already used in targeted attacks.
The vulnerability identifier registered for this zero-day is CVE-2016-4171, and Adobe reports that it affects both Flash Player 21.0.0.242 and earlier versions running on Windows, Macintosh, Linux and Chrome OS.
Flash Player 21.0.0.242 is the latest version of the company. This means that zero-day affects all Flash-based systems.
The vulnerability helps an attacker crash a Flash Rlayer installation in an unsafe manner, which then allows him to run malicious code on the victim's system and take charge of its management.
If you are using Flash Player, immediately disable the application, or plugin, until at least the Adobe ch patch is released…
