Adobe reveals yet another serious Flash security vulnerability


Here’s why you need to update Adobe Flash immediately

Adobe have released a patch for a huge security vulnerability that has been discovered in the wake of the cyber attack on the spy group, Hacking Team.

The vulnerability (CVE-2015-5119), which has been categorised as ‘critical’ by Adobe, potentially affects all Windows, Linux and and Mac machines running Adobe Flash Player.

“Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system,” read a statement from Adobe.

The vulnerability is said to come from a hole in a line of code in Adobe Flash which if exploited, could be used to take control of a computer in order to expose any information or personal files stored locally on the device.

The vulnerability was discovered after Hacking Team, an Italian security firm which sells spy software to government organisations around the world, was itself hacked earlier this week.

The cyber attack resulted in more than 400GB of data being released into the public domain.

The leaked data revealed that the Hacking Team had known about this latest Adobe security vulnerability for some time, describing it as “the most beautiful Flash bug for the last four years”.

This isn’t the first time Adobe has been forced to act swiftly in order to fix a critical security vulnerability.

In January 2015, the company had to urgently release a patch after another flaw in Flash Player meant that malware known as ‘malvertisements’ could be installed on computers running the program.

Users of Adobe Flash program, which is estimated to be installed more than one billion personal computers around the world, are urged to update to the latest version immediately.

Source: Adobe Security Bulletin


Comments are closed.