Posted on 01/25/2015 9:08:43 PM PST by Swordmaker
Adobe on Saturday released an updated version of its Flash player software that patches an undisclosed vulnerability which could allow remote attackers to take control of Macs or PCs, urging users to update as the problem is being actively exploited by malicious actors.
Flash versions up to and including 16.0.0.287 on OS X and Windows and 11.2.202.438 on Linux are susceptible to the attack, the cause of which has yet to be detailed. Mac users with Adobe's automatic update feature enabled should begin receiving updates to version 16.0.0.296 immediately, and the company is preparing a standalone patch for manual installation to be released this week. Adobe is also working with Google to update the embedded version of Flash included in the Chrome browser.
The vulnerability — which has been assigned CVE number 2015-0311 — is "being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below," Adobe said in a security advisory. A "drive-by-download" attack is one in which software is downloaded to a user's computer without their knowledge or explicit consent.
Adobe defines CVE-2015-0311 as "critical," meaning a "vulnerability, which, if exploited would allow malicious native-code to execute, potentially without a user being aware."
Users can check the version of Flash installed on their system by visiting Adobe's About Flash Player page or right-clicking on Flash content in their browser and choosing "About Adobe (or Macromedia) Flash Player" from the contextual menu. Instructions for enabling automatic updates or manually updating Flash can be found here.
Afternoon Moose.
Good Morning ,NTI.
How’s tricks?
Was told, and it's a rumor, kind of second hand knowledge thus would have to answer ... tricky?
Thanks for the ping Sword...many computer users are amateurs, not pros like many who dismiss the impact these events may cause to the average user.
And I don’t think you engaged in hyperbole, IMO.
Checked just now, and I have version 16.0.0.296, which I assume patched the vulnerability. Will check the Windows 8.1 laptop that my wife uses in a few minutes. Thanks very much for posting your valuable and timely threads!
Is it that time of the week again?
Thank You for the Ping Moose!
Thanks for the ping.
I’m starting to think I need to UNINSTALL ADOBE AND FLASH
Interesting. I just checked Adobe's site and it still lists 16.0.0.287 as the current version. A scan with Secunia PSI shows the latest version to be 16.0.0.296 but Adobe doesn't seem to have it.
Monday morning mayhem...yes, afraid so. :)
Nut-job Conspiracy Theory Ping!
To get onto The Nut-job Conspiracy Theory Ping List you must threaten to report me to the Mods if I don't add you to the list...
No wonder the damn thing keeps asking me if I want to install updates.
Control Panel
Uninstall
Select Flash Player.................
“Checked just now, and I have version 16.0.0.296”
Where exactly do you check for that?
“f you see clouds moving in the animation below, congratulations, you have successfully installed Flash Player!”
The clouds are moving, but I didn’t do anything. Does that mean the update was automatically installed? It says my version is .296
Found it, thanks.
+http://helpx.adobe.com/flash-player/kb/installation-problems-flash-player-windows.html
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.