Adobe rolls out latest version of Flash Player 16.0.0.305 rectifying around 18 security flaws, among them a patch for 0-day exploit as well. This security update is an out-of-cycle update as Adobe normally releases security patches with Microsoft Patch Tuesday. The 0-day issue covers under CVE-2015-0313, a security flaw using an exploit kit a drop a malware on the victims machine through malvertising campaigns. Adobe advisory addresses FOUR use-after-free issues, SIX memory corruption issues, TWO type confusion issues, TWO heap buffer overflow, THREE null pointer deference and a buffer overflow. Most of the vulnerabilities allow remote execution of arbitrary code except in such cases where there is a null pointer deference that crashes the vulnerable application. Security updates are released for Windows, Linux and Macintosh OS X platforms. <more>
Tuesday, February 10, 2015
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment