The vulnerability, tracked as CVE-2016-7855 in the Common Vulnerabilities and Exposures database, is a use-after-free error that could lead to arbitrary code execution.
Adobe released today Flash Player version 22.214.171.124 that fixes a critical security flaw discovered by two Google engineers, which they say was used in attacks against Windows users in the wild.
Adobe said an attacker had deployed this vulnerability as part of targeted attacks against users running Windows versions 7, 8.1 and 10.
Adobe is advising folks to update Flash Player - as malware is right now exploiting a newly discovered hole in the internet's screen door to hijack Windows PCs. The Flash Player runtime bundled with Google Chrome and Microsoft Edge or Internet Explorer 11 on Windows 10 and 8.1 will be updated automatically through those browsers' update mechanisms. For Linux, the patched version is 126.96.36.1993.
Adobe credits Neel Mehta and Billy Leonard from Google's Threat Analysis Group for reporting the exploit to the company.
Users and administrators of machines running Flash Player on Windows, MacOS, and Linux are being advised to update their software as soon as possible to avoid further attacks.
Security firm Trustwave recently reported that nearly 40 percent of the zero-day vulnerabilities identified in 2015 were in Flash Player and 80 percent of the new exploits added to widely used Web-based exploit kits were for Flash Player flaws.
- Marvel's Agents of SHIELD Season 4 Recap: 4.5: Lockup
- Chinese firm recalls camera products linked to massive DDOS attack
- After shooting of emotionally disturbed woman, NYC's top cop says "we failed"
- De Blasio Introduces Bill To Protect Domestic Violence Survivors
- Indians, Cubs Draw Big Audience to World Series Opener
- 76ers anthem singer says 'We Matter' shirt got her the boot
- Woman accused of embezzling $278000 from funeral home
- Burguer King se disfraza de McDonalds
- Pakistani people bravely fighting cowardly terrorist attacks
- U.N.: 'Barbaric' Islamic State indiscriminately killing civilians amid Mosul fight