Post by sherlew99 on Apr 28, 2014 19:56:25 GMT -6
Not to be outdone by Microsoft, Adobe announces zero-day exploit patch for Flash
by Paul Ducklin on April 29, 2014
Adobe's newly-announced Flash exploit is unrelated: APSB14-13 is a bug in Flash itself that apparently allows remote code execution.
That means that you could be infected just by viewing a Flash file in your browser.
The only important thing to remember is that applying this Adobe patch doesn't do anything to protect you against CVE-2014-1776, the recent Microsoft IE zero-day.
That IE zero-day doesn't require Flash; it's just that the currently-known exploits happen to use Flash as a handy "helper toolkit."
by Paul Ducklin on April 29, 2014
Adobe's newly-announced Flash exploit is unrelated: APSB14-13 is a bug in Flash itself that apparently allows remote code execution.
That means that you could be infected just by viewing a Flash file in your browser.
The only important thing to remember is that applying this Adobe patch doesn't do anything to protect you against CVE-2014-1776, the recent Microsoft IE zero-day.
That IE zero-day doesn't require Flash; it's just that the currently-known exploits happen to use Flash as a handy "helper toolkit."
Click here for more.
Adobe Flash Help Page