Adobe Flash Player out-of-band update

Adobe rolls out latest version of Flash Player 16.0.0.305 rectifying around 18 security flaws, among them a patch for 0-day exploit as well. This security update is an out-of-cycle update as Adobe normally releases security patches with Microsoft Patch Tuesday. The 0-day issue covers under CVE-2015-0313, a security flaw using an exploit kit a drop a malware on the victims machine through malvertising campaigns. Adobe advisory addresses FOUR use-after-free issues, SIX memory corruption issues, TWO type confusion issues, TWO heap buffer overflow, THREE null pointer deference and a buffer overflow. Most of the vulnerabilities allow remote execution of arbitrary code except in such cases where there is a null pointer deference that crashes the vulnerable application. Security updates are released for Windows, Linux and Macintosh OS X platforms. <more>

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>