Adobe Releases Another Emergency Update for Flash

flashicon.jpgAdobe today released a second security update for its Adobe Flash Player software on both Mac and Windows, addressing a threat that could allow an attacker to take control of an affected system, executing malicious code. The vulnerability (CVE–2014–0502) allowed attackers to compromise at least three nonprofit organizations according to security firm FireEye (via ArsTechnica).
This threat actor clearly seeks out and compromises websites of organizations related to international security policy, defense topics, and other non-profit sociocultural issues. The actor either maintains persistence on these sites for extended periods of time or is able to re-compromise them periodically.

This actor also has early access to a number of zero-day exploits, including Flash and Java, and deploys a variety of malware families on compromised systems. Based on these and other observations, we conclude that this actor has the tradecraft abilities and resources to remain a credible threat in at least the mid-term.
Today's update follows a critical security update that was released just over two weeks ago, fixing the same zero-day vulnerability giving hackers complete control over compromised systems.

The vulnerability affects all Macs with Adobe Flash Player versions before 12.0.0.70 and Adobe recommends all users update their products to the latest of Flash. Adobe maintains a site where users can check the version of Flash installed and the up-to-date Flash software can be downloaded from Adobe's website.

Top Rated Comments

(View all)
Avatar
11 months ago
Just kill the damn thing Adobe.
Rating: 25 Votes
Avatar
11 months ago
I think I just heard the ghost of Steve Jobs say, "bag of hurt."
Rating: 15 Votes
Avatar
11 months ago

A secure platform wouldn't need these emergency updates.


Let me know when you write a program that spans millions of lines of code that you think is completely logically sound. Next, upload it and let thousands of people debug it. Afterward, try to determine where you messed up, and then go through all that code and figure out how to fix the error, followed by the one or more errors created due to the error you fixed. Have fun!
Rating: 15 Votes
Avatar
11 months ago
A secure platform wouldn't need these emergency updates.
Rating: 10 Votes
Avatar
11 months ago

And what platform is (or even could be) secure?


Pong.
Rating: 9 Votes
Avatar
11 months ago
I don't care about security. All I want from Flash is massively lowered CPU usage. :mad:
Rating: 9 Votes
Avatar
11 months ago
It would be wiser to uninstall Flash than to upgrade.
Rating: 7 Votes
Avatar
11 months ago

That's a platform? :confused:


Rating: 7 Votes
Avatar
11 months ago
>having Flash installed
>2014
Rating: 5 Votes
Avatar
11 months ago
I'm really tired of these biweekly updates and would love to totally ditch Flash completely.

Except I need it to watch pandas, BABY pandas, darn it. :(
Rating: 4 Votes
[ Read All Comments ]