Jump to content

Adobe, Microsoft Push Fixes For 0-Day Threats....

ShyWriter

By ShyWriter
in General Chat

 Share

Recommended Posts

ShyWriter

ShyWriter

Posted
Posted

.

Adobe, Microsoft Push Fixes For 0-Day Threats

 

by Brian Krebs

 

For the second time this month, Adobe has issued an emergency software update to fix a critical security flaw in its Flash Player software that attackers are already exploiting. Separately, Microsoft released a stopgap fix to address a critical bug in Internet Explorer versions 9 and 10 that is actively being exploited in the wild.

 

brokenflash-a.png

 

The vulnerabilities in both Flash and IE are critical, meaning users could get hacked just by visiting a compromised or booby-trapped Web site. The Flash patch comes just a little over two weeks after Adobe released a rush fix for another zero-day attack against Flash.

 

Adobe said in an advisory today that it is aware of an exploit that exists for one of three security holes that the company is plugging with this new release, which brings Flash Player to v. 12.0.0.70 for (Chrome-Linux)Mac and Windows systems.

 

This link will tell you which version of Flash your browser has installed. IE10/IE11 and Chrome should auto-update their versions of Flash, although IE users may need to check with the Windows Update feature built into the operating system. (Much more..)

 

Read the rest plus access SHIM fix at: https://krebsonsecurity.com/2014/02/adobe-microsoft-push-fixes-for-0-day-threats/

 

Steve

Link to post
Share on other sites
GT500

GT500

Posted
Posted

Interestingly, there is no Adobe Flash 12.0.0.70 for Linux. Google's Pepper Flash for Chromium on Linux has support for 12.0.0.70 features, but the official Adobe Flash player for Linux is currently version 11.2.202.341 (as per the link in the article).

Link to post
Share on other sites
ShyWriter

ShyWriter

Posted
  • Author
Posted

.

I posted the update yesterday morning in General Software sub-Forum.

 

https://forums.malwarebytes.org/index.php?showtopic=124898&p=794207

 

12.0.0.70 was the download one got even tho' the table showed ".44" as the newest. A test of the version one had would also show ".44" installed (before downloading) without showing a newer version was available. Downloading would show 12.0.0.70 installed.  In other words, the download people got their file made available before the documentation people got the wording done. :)

 

@Arthur

11.2.202.341 is the last version Adobe made for linux. Other than security fixes (these fixes were for Windows vulnerabilities) the Linux version will stay at 11.2.202.341. I.e.; it's EOL except for security fixes. Google (pepper flash - 12.0.0.70) is doing their own thing on linux and is not officially an Adobe product.

 

Cheers,

Steve

Your friendly software updater, punching bag, etc, et al.. :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.