Adobe Issues Yet Another Emergency Flash Player Fix
Adobe has issued an emergency patch for Flash Player to fix a vulnerability detected by FireEye researchers. Well, this is not the first time that Adobe issued a patch to resolve vulnerability.
Ever since the year started, the company has issued 5 fixes. What does that mean? It means that Flash Player isn’t all that strong when it comes to security. According to the company, ‘Adobe is aware of reports that CVE-2015-3113 is being actively exploited in the wild via limited, targeted attacks.’
The latest update version 220.127.116.11 protects the popular browser plug-in which is affecting Windows and Firefox users. This version fixes the security hole called the Zero-Day exploits. FireEye discovered phishing attempts in companies from transportation, tech and telecom, construction and engineering, defense and aerospace industries.
The issue in the Flash Player ‘could potentially allow an attacker to take control of the affected system’ as per Adobe. The company has issued a list of Flash Player versions that might be at risk.
- Adobe FlashPlayer 18.104.22.168 and earlier versions for Windows and Macintosh
- Adobe FlashPlayer Extended Support Release version 22.214.171.1242 and earlier 13.x versions for Windows and Macintosh
- Adobe FlashPlayer 126.96.36.1996 and earlier 11.x versions for Linux
Security specialist, Mark James, from ESET said that the main reason for Flash Player being targeted is its massive popularity.
Since Flash is such a widely used plug-in, it stands to reason that it will be one of the most targeted apps for vulnerability. If you want to affect as many people as possible, then you need an application that a lot of users use, and Flash is one of them.