Adobe Flash Zero-Day found in the Wild

Corrine

Administrator,
Microsoft MVP,
Security Analyst
Staff member
Joined
Feb 22, 2012
Posts
12,393
Location
Upstate, NY
Adobe has released security updates for Adobe Flash Player 16.0.0.257 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.425 and earlier versions for Linux. This update address the above-referenced Zero-Day. See follow-up post.

It is strongly advised that the update be applied as soon as possible.
 
Last edited:
Correction: From Threatpost, Adobe Patches One Zero Day in Flash, Still Investigating Separate Vulnerability:

"The vulnerability that Adobe patched Thursday is under active attack, but Adobe officials said that this flaw is not the one that security researcher Kafeine said Wednesday was being used in the Angler attacks."
The Threatpost article further indicated that there is no indication from Adobe officials that an update is in the works for the Angler zero-day vulnerability.
 
Adobe gets second Flash zero-day patch ready 2 days early! | Naked Security

If you have Flash Player set to auto-update, you'll receive the update automatically. Otherwise, the stand-alone installer for version 16.0.0.296 will be available for manual download during the week of January 26.

Do the following to set Flash Player to auto-update:

Windows: click Start > Settings > Control Panel > Flash Player
Macintosh: System Preferences (under Other) click Flash Player
Linux Gnome: System > Preferences > Adobe Flash Player
Linux KDE: System Settings > Adobe Flash Player

Adobe Security Bulletin
 
I see that the update is also available via Windows Update (KB3033408).

But, this update is only for Flash Player for Internet Explorer. This update was made available on 22nd January 2015.


Thanks Corrine ^_^
 
That is an earlier update, Pranav. There were two zero-days in the wild. This is the second one and the direct download links are now available. However, as of this posting the update for KB 3033408] hasn't been updated yet.

The direct download links:

Non-IE Plugin (Opera, Firefox, Etc.): http://download.macromedia.com/get/...ensing/win/install_flash_player_16_plugin.exe
Flash Player For Internet Explorer, Windows 7 and earlier: http://download.macromedia.com/get/...sing/win/install_flash_player_16_active_x.exe
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top