Adobe fixes 35 critical security vulnerabilities including one actively exploited zero-day

Adobe has released a new version of its Flash Player that fixes 36 vulnerabilities including one that was actively used to infect computers with malware. Not only this so-called zero-day leak could be used to take over a vulnerable system, also 34 other vulnerabilities made this possible.

adobe-flash-player-logo

ADVERTISEMENT

That's because 35 of the 36 vulnerabilities could be used to execute random code on computers. Visiting a hacked or malicious website, viewing an infected advertisement or opening a Word document with embedded Flash object was sufficient for attackers to take control.

The remaining vulnerability allowed attackers to determine additional data about the attacked system.

Adobe advises users to update to the latest Flash Player within 72 hours, this can be done through the update feature of Flash or through Adobe.com. Chrome, Internet Explorer 10 and 11 users on Windows 8(.1) and Internet Explorer 11 and Microsoft Edge on Windows 10 will automatically receive a new version of the embedded Flash Player in their browser. Both Google and Microsoft already released such an update.

ADVERTISEMENT

This Adobe page can be used to determine which version of Adobe Flash is currently installed on your system.

No posts to display