After discovering a previously unknown remote exploit, Adobe Systems, Inc. has released a critical security patch for Flash Player. They are urging all users to download the latest version as soon as possible.The security bulletin said that the updates are meant to address a critical security vulnerability that would allow a malicious attacker to remotely exploit the affected computer. Adobe said they are aware of reports stating that this exploit exists in the wild.
The advisory stated that the security updates for the flaw (CVE-2014-0497) were released for the following versions of Adobe Flash Player:
Adobe thanked Alexander Polyakov and Anton Ivanov, researchers from Kaspersky Lab, for finding and reporting the vulnerability to them.
How To Update Your Flash Player:
Since Flash is so prevalent on the web, it’s vital to keep your organizations applications and software updated. Remind employees to update their systems, and administer a mass update if you’re able. Corporations, especially major enterprises, are vulnerable to remote exploits such as the one Adobe is patching in this update. There’s just so much juicy data and intellectual property that could be sold for a pretty penny or used for other malicious purposes. There’s too high a risk in not updating your Flash Player today, both at home and in the office, so take a few minutes and patch it up, and if you’re on the security team at your organization, consider sending a mass email reminding everyone to do the same.
Read Adobe’s Security Bulletin here.
Sign up today & never miss an update from the Checkmarx blog
Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.
Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.