Adobe recently released security bulletins confirming that there is a security flaw in all versions of Flash software on Windows, Macs and Linux platforms, foreign media reported. Adobe plans to fix the bug by releasing patches on the week of October 19, or next week.
Adobe confirms flash hazard Vulnerability (image from Cnbeta)
The Flash Flaw (cve-2015-7645) was reported by researchers at security firm Trend, the report said. Hackers who launched the Pawn storm attack were found to be using the flaw to launch attacks. Adobe confirms that the compromised system could be down and that hackers could control the compromised system.
"Recently, the storm has launched attacks against foreign ministries in several countries across the globe," trend explained. The target will receive a fraudulent email, and clicking on the link will be compromised. Email and links are disguised as information related to the current hot event. It is worth noting that the malicious link in the email was similar to the attack on NATO members and the White House in April this year. ”
Adobe confirms that this flaw exists with all versions of Flash: Adobe Flash Player 19.0.0.207 and earlier versions on Windows and MAC platforms; Adobe Flash Player Extended support release 18.0.0.252 and earlier versions of 18.x; Adobe Flash Player 11.2.202.535 and earlier versions of 11.x on Linux platforms.
Although this week, Adobe released security patches for this month, including security patches for flash. Unfortunately, Patch software does not fix today's proven flaws, flash users will need to install the patch software next week. In view of the number of flash defects discovered and exploited, many websites now use Flash instead of HTML5 technology.
Adobe confirms flash hazard vulnerability: all versions involved