Results 1 to 10 of 139

Thread: Adobe updates/advisories

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. 2012-05-04, 21:16 #11
    AplusWebMaster
    AplusWebMaster is offline
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Flash Player v11.2.202.235 released

    FYI...

    Flash Player v11.2.202.235 released - 0-day Fix
    - https://www.adobe.com/support/securi...apsb12-09.html
    May 4, 2012
    CVE number: http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-0779
    Platform: All Platforms
    Summary: ... an object confusion vulnerability (CVE-2012-0779) that could cause the application to crash and potentially allow an attacker to take control of the affected system. There are reports that the vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious file delivered in an email message. The exploit targets Flash Player on Internet Explorer for Windows* only. Adobe recommends users of Adobe Flash Player 11.2.202.233 and earlier versions for Windows, Macintosh and Linux update to Adobe Flash Player 11.2.202.235... Users of Adobe Flash Player 11.1.115.7 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.8. Users of Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and earlier versions should update to Flash Player 11.1.111.9...
    * Priority 1: This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Adobe recommends administrators install the update as soon as possible...
    > https://blogs.adobe.com/psirt/2012/0...apsb12-09.html

    Download: https://www.adobe.com/products/flash...ribution3.html

    Android: https://market.android.com/details?i...be.flashplayer
    ___

    Flash test site: http://www.adobe.com/software/flash/about/

    Flash Player update closes critical object confusion hole
    Severity: High Severity
    - http://atlas.arbor.net/briefs/
    Published: Monday, May 07, 2012
    Adobe Flash update addresses critical security hole.
    Analysis: This vulnerability has been used in active attacks although they are apparently not widespread attacks. Attackers will often use newer vulnerabilities and 0days on special targets of high value first. At some point, the exploit code will leak or a post-compromise analysis will reveal the vulnerability and/or the exploit involved and then the gates open for more compromise activity by others with a variety of motives.
    Source: http://h-online.com/-1568704

    - https://www.us-cert.gov/current/#ado...advisory_for14
    May 4, 2012

    - http://www.securitytracker.com/id/1027023
    May 4 2012 - "... vulnerability is being actively exploited against Flash Player on Internet Explorer in targeted cases. Microsoft Vulnerability Research (MSVR) reported this vulnerability..."

    Last edited by AplusWebMaster; 2012-05-09 at 12:45.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules