Adobe to Release Patch for Critical Flash Vulnerability
Adobe will release a security update on April 7 to fix a critical vulnerability (CVE-2016-1019) in Adobe Flash Player 21.0.0.197. The vulnerability has been identified to be one that could “cause a crash and potentially allow an attacker to take control of an affected system,” and is known to be actively exploited in the wild.
According to the security advisory, the vulnerability affects Windows, Linux, Macintosh, and Chrome OS versions “being actively exploited on systems running Windows 10 and earlier with Flash Player version 20.0.0.306 and earlier”. Users are urged to immediately update to the latest version of Flash Player that includes a mitigation introduced in the March 10 Flash Player 21.0.0.182 update—an update that will prevent attackers from exploiting the vulnerability.
Update: Adobe has released the security update that addresses the identified vulnerabilities, including CVE-2016-1019, which has been identified as a vulnerability used by the Magnitude Exploit Kit to spread Locky ransomware.
[More from the Security Intelligence Blog: Zero-Day Attack Discovered in Magnitude Exploit Kit Targeting CVE-2016-1019 in Older Versions of Adobe Flash Player]
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
Recent Posts
- Countering AI-Driven Threats With AI-Powered Defense
- Intercepting Impact: 2024 Trend Micro Cyber Risk Report
- The Illusion of Choice: Uncovering Electoral Deceptions in the Age of AI
- Navigating Risk Management: How Red Teaming Can Prepare Your Team for Actual Cyber Attacks
- UNWIRED: Understanding the Unforeseen Risks in Evolving Communication Channels