New zero-day exploit hits fully patched Adobe Flash Attackers are exploiting a previously unknown vulnerability in fully patched versions of Adobe's Flash Player so they can surreptitiously install malware on end users' computers, security researchers warned Tuesday. So far, the attacks are known to target only government agencies as part of a long-running espionage campaign carried out by a group known as Pawn Storm, researchers from antivirus provider Trend Micro said in a blog post published Tuesday. It's not unusual for such zero-day exploits to be more widely distributed once the initial element of surprise wanes. The critical security flaw is known to reside in Flash versions 19.0.0.185 and 19.0.0.207 and may also affect earlier versions. At this early stage, no other technical details are available. The researchers wrote: more http://arstechnica.com/security/2015/10/new-zero-day-exploit-hits-fully-patched-adobe-flash/
what annoys me is we have had the technology to be totally free of that Adobe crapware nearly a decade ago.. HTML5 .. it's sheer lazyness from web devs and commercial tie in nonsense to stick with this outdated junkware streaming player !!
Why lookie there, 19.0.0.207 is the most recent version available. Adobe has jumped right on that problem.
Agreed! Abobe has no concept of tight coding. Even M$ makes them look like amateurs. At least this was caught early? I remember one where the air updater could be duped and install malware in its place. I just removed my C: drive when things were wacky and I couldn't find any malware using over a dozen malware utilities. I kept the drive 4 years later I had that dirve connected and a malware sweep detected adobe air updater was malware. That year that problem exploded but everyone pretended like this was a recent problem.