Sunday, June 13, 2021

Adobe rolls out emergency Flash patch

Adobe Systems yesterday patched three new vulnerabilities in Flash Player which are being used by hackers to attack Firefox users.

The vulnerabilities are being used by attackers to home in on zero-day vulnerabilities in the media player browser plug-in.

“Adobe is aware of reports that CVE (common vulnerability exposures)-2013-0643 and CVE-2013-0648 are being exploited in the wild in targeted attacks designed to trick users into clicking a link which directs to a Web site service malicious Flash content,” an advisory issued by the company said.  “The exploit for CVE-2013-0643 and CVE-2013-0648 is designed to target the Firefox browser.”

The patched versions of Flash Player for Windows, Mac, and Linux can be downloaded from Adobe’s Web site.

The Networkworld.com report said Mozilla has not replied to questions about the attack which according to Adobe singles out Firefox.

In January Mozilla had taken steps secure Firefox. The company said it was automatically disabling all plug-ins in Firefox except for the latest version of Adobe’s Flash Player.

Mozilla said this was to safeguard users against drive-by attacks, which trigger exploits when victims visit a compromised Web site.

Since the attacks mentioned by Adobe involve unpatched flaws in the latest version of Flash Player, Mozilla’s maneuver might not have protected Firefox users.

Read the whole story here

 

Would you recommend this article?

0
0

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada

Related Tech News