The vulnerability, tracked as CVE-2016-7855 in the Common Vulnerabilities and Exposures database, is a use-after-free error that could lead to arbitrary code execution.
Adobe released today Flash Player version 18.104.22.168 that fixes a critical security flaw discovered by two Google engineers, which they say was used in attacks against Windows users in the wild.
Adobe said an attacker had deployed this vulnerability as part of targeted attacks against users running Windows versions 7, 8.1 and 10.
Adobe is advising folks to update Flash Player - as malware is right now exploiting a newly discovered hole in the internet's screen door to hijack Windows PCs. The Flash Player runtime bundled with Google Chrome and Microsoft Edge or Internet Explorer 11 on Windows 10 and 8.1 will be updated automatically through those browsers' update mechanisms. For Linux, the patched version is 22.214.171.1243.
Adobe credits Neel Mehta and Billy Leonard from Google's Threat Analysis Group for reporting the exploit to the company.
Users and administrators of machines running Flash Player on Windows, MacOS, and Linux are being advised to update their software as soon as possible to avoid further attacks.
Security firm Trustwave recently reported that nearly 40 percent of the zero-day vulnerabilities identified in 2015 were in Flash Player and 80 percent of the new exploits added to widely used Web-based exploit kits were for Flash Player flaws.
- Clinton campaign aide rips Catholics in leaked emails
- COC Halloween Update, New Sea Monsters
- Early Voting Begins Monday In Illinois
- Trump vs. Clinton: ¿Quién va ganando la contienda presidencial?
- Pangu confirms jailbreak tool to release after iOS 10.1 update
- 'The Division' 1.4 patch notes & release date
- Solange To Perform On Saturday Night Live November 5
- Pulimurugan (2016) 16th Day Total Worldwide Box Office Collection
- Nancy Grace signs off from HLN after 12 years
- How Did Actress Kerry Washington Handles Pregnancy While Doing Season 6?