Not to be outdone by Microsoft, Adobe announces zero-day exploit patch for Flash

After the recent Microsoft Internet explorer zero day announcement there comes an Adobe bulletin about a zero day in flash.

Although that bug is entirely in Microsoft’s code, the exploits currently seen “in the wild” rely on a Flash file to get things going. In the IE attacks flash is used by attackers to create the circumstances needed to make their exploit succeed. This newly announced flash exploit is unrelated. APSB14-13 is a bug in Flash itself that apparently allows remote code execution. That means that you could be infected just by viewing a Flash file in your browser. Adobe is not really saying what is wrong, but there has been a patch released. Adobe rates this patch Priority 1, Critical. So you may as well patch just as soon as you can.

Article: http://nakedsecurity.sophos.com/2014/04/29/not-to-be-outdone-by-microsoft-adobe-announces-zero-day-exploit-patch-for-flash/

 

Advertisements

17 thoughts on “Not to be outdone by Microsoft, Adobe announces zero-day exploit patch for Flash

  1. Every time i read something online about exploits it only makes me more paranoid

    • I’ve come to accept that there’s nothing I can do. My life is in the hands of electronic signals being interpreted properly and some person I’ve probably never met having the decency to overlook my information that’s in the hands of fools.

  2. I really dont think people understand that there are vulnerabilities in EVERYTHING, nothing is 100% safe, but when a new one is found everyone spazzes

    • I think people are inherently trusting in technology. When they see a trusted company release a piece of software that has a hole, they get upset because they feel like their trust has been broken. What people don’t realize is that technology WILL break, and break often.

  3. Do you think this is a good case for switching over to html 5 video instead of flash? Flash is pretty constantly having new exploits found, or at least at a higher rate than html 5 is…

    • Flash is used for so much though. I think its best to just keep flash as up to date as possible

    • That’s probably because html 5 isn’t used as much. Were the majority of people to switch over to html 5 we would hear about more exploits. It’s all about the density of people over a media/tool

  4. A new vulnerability is very concerning but I’m glad Adobe could release a patch very fast. I believe that it is hard to create a product without vulnerabilities and that fixing it quickly is a good way to assure quality.

    • It’s essentially impossible to build a product without some sort of technical or mechanical vulnerability. That said, it looks good for a company to come clean with their issues and release a patch within a timely manner.

    • The reason that adobe released a patch so fast is because they didn’t announce the exploit till they had the patch ready

  5. The problem with switching over to HTML 5 is that there is a lot of web content that uses flash, and it would be impossible to update everything. So you’d still have to have a way for people to use flash…and we’re back where we started…

  6. “Although that bug is entirely in Microsoft’s code, the exploits currently seen “in the wild” rely on a Flash file to get things going.”

    In that case how much of the problem is really Adobe’s fault.

Comments are closed.