Search the Community
Showing results for tags 'Adobe'.
Found 3 results
On Thursday Adobe announced that they are issuing an emergency update to their Flash software. Researchers have discovered that a zero-day vulnerability in the Flash software is being exploited to deliver ransomware to Windows PC's. The software maker is urging the more than 1 billion users of Flash on Windows, Mac, Chrome and Linux computers to update the product as quickly as possible after security researchers said the bug was being exploited in "drive-by" attacks that infect computers with ransomware when "compromised" websites are visited. The type of ransomware involved is called "Cerber" which uses a 'voice' tactic that reads aloud the ransom note to create a sense of urgency and stir users to pay up. The security firm FireEye said that the bug was being leveraged to deliver ransomware in what is known as the Magnitude Exploit Kit. This is an automated tool sold on underground forums that hackers use to infect PCs with viruses through compromised websites. Exploit kits are used for "drive-by" attacks that automatically seek to attack the computers of people who view an infected website. If you use Adobe's Flash then "it's very highly recommended that you update the software ASAP!" Here is the official Adobe Security Bulletin: https://helpx.adobe.com/security/products/flash-player/apsb16-10.html You can update Flash here: https://get.adobe.com/flashplayer/ Regards, Ritchie...
Adobe is recommending that users update their Flash Players immediately -- especially those who frequent Google Chrome and Internet Explorer. The company released an emergency security bulletin on Tuesday that addresses vulnerabilities in Flash, which could be exploited by hackers. "This vulnerability could allow an attacker to remotely take control of the affected system," Adobe wrote in a blog post. "Adobe is aware of reports that an exploit for this vulnerability exists in the wild, and recommends users apply the updates referenced in the security bulletin." Adobe assigned a Priority 1 rating to the vulnerabilities being exploited on Windows and Macintosh and advised users of both operating systems to install the update. That rating -- Adobe's highest threat level -- identifies "vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild." The bulletin also said that the Flash vulnerability faced by Linux users rated a Priority 3, which refers to "a product that has historically not been a target for attackers." Adobe recommends users update to the latest versions: Users of Adobe Flash Player 126.96.36.199 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 188.8.131.52. Users of Adobe Flash Player 184.108.40.2065 and earlier versions for Linux should update to Adobe Flash Player 220.127.116.116. Adobe Flash Player 18.104.22.168 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 22.214.171.124 for Windows, Macintosh and Linux. Adobe Flash Player 126.96.36.199 installed with Internet Explorer 10 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 188.8.131.52 for Windows 8.0. Adobe Flash Player 184.108.40.206 installed with Internet Explorer 11 will automatically be updated to the latest Internet Explorer 11 version, which will include Adobe Flash Player 220.127.116.11 for Windows 8.1. Article by: Dara Kerr - Freelance Journalist & CNET contributing editor Here is the Adobe Security Bulletin CVE-2014-0497: http://helpx.adobe.c.../apsb14-04.html This is a direct link to Adobe's Download Center to get the 18.104.22.168 update: http://get.adobe.com/flashplayer/ If you don't want the McAfee Security Scan Plus software included "don't forget to uncheck that box!" Regards, Ritchie...
Adobe issued an emergency update to its Flash Player to fix two zero-day threats, the company announced yesterday. The updates affect all versions of Flash on Windows, Mac, Linux, and Android. The vulnerabilities currently are being exploited "in the wild," says Adobe's blog on the patches. According to the Kaspersky ThreatPost blog on the pair of zero-days, one attack targets "aerospace and other manufacturing companies" by tricking people into opening a Microsoft Word document with malicious Flash content embedded in it. The second zero-day targets Firefox and Safari on Mac OS X by tricking you into visiting Web sites hosting malicious Flash content, and it aims at Windows users by way of a Microsoft Word attachment delivered via e-mail. Adobe listed on its blog the affected versions of Flash, and it recommended actions to take. Apple iOS is not affected, since it has never been compatible with Flash. Adobe recommends users update their product installations to the latest versions: Users of Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 11.5.502.149. Users of Adobe Flash Player 22.214.171.1241 and earlier versions for Linux should update to Adobe Flash Player 126.96.36.1992. Flash Player installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 188.8.131.52 for Windows, Macintosh and Linux. Flash Player installed with Internet Explorer 10 for Windows 8 will automatically be updated to the latest version of Internet Explorer 10, which will include Adobe Flash Player 11.3.379.14 for Windows. Users of Adobe Flash Player 184.108.40.206 and earlier versions on Android 4.x devices should update to Adobe Flash Player 220.127.116.11. Users of Adobe Flash Player 18.104.22.168 and earlier versions for Android 3.x and earlier versions should update to Flash Player 22.214.171.124. You can go to the Adobe Flash Player Download Center to update your version of Flash. By, Seth Rosenblatt - CNET Senior Editor