⬆️ ⬇️

New Flash Player vulnerabilities are exploited in-the-wild

Adobe has released the latest update APSB15-03 for its Flash Player, which fixes a critical 0day vulnerability in it. The vulnerability with identifier CVE-2015-0311 was used by attackers to conduct drive-by download attacks, i.e., covertly installing malware. For this, the Angler Exploit Kit exploit kit was used, which contained an exploit for this vulnerability in its arsenal. ESET anti-virus products detect various modifications of this exploit as SWF / Exploit.CVE-2015-0311.A .







Last week, the company re-released the update APSA15-01 , and also, a few days ago, released a new update, APSA15-02 . All these updates close vulnerabilities exploited by hackers.

')

This is a list of vulnerabilities that can be exploited.


The vulnerabilities are very serious because they allow attackers to remotely execute code through a vulnerable version of Flash Player in the latest version of Windows 8.1 with Internet Explorer 11.



We recommend regularly updating the Flash Player you use. Browsers such as Internet Explorer 10 & 11 on Windows 8 / 8.1 and Google Chrome update their Flash Player versions automatically. For IE, see the updated Security Advisory 2755801 . Check your version of Flash Player for relevance here , the table below shows these versions for various browsers.







image

be secure.

Source: https://habr.com/ru/post/249001/



All Articles