Last week, Adobe announced that it was beginning to move developers away from Flash and onto HTML5 for dynamic web content. This is one of the largest Adobe Flash updates in months September’s scheduled update included patches for 23 vulnerabilities. In addition to the dozens of use-after-free vulnerabilities, Adobe also patched a dozen memory corruption vulnerabilities, two heap buffer overflows, stack, integer and buffer overflow vulnerabilities, in additional to security bypass flaws and a type confusion vulnerability. Adobe also released an update for Google Chrome and Microsoft’s Edge browser, as well as Internet Explorer 10 and 11. Most of the vulnerabilities (56) are use-after-free flaws that could lead to code execution on the compromised machine.Īdobe said version 19.0.0.245 and earlier for Windows and Macintosh are affected for the desktop version of Flash. None of the patched vulnerabilities, Adobe said, are being exploited publicly. Released just an hour before Microsoft’s scheduled Patch Tuesday release, Adobe pushed out a new version of the maligned Flash Player that addressed 79 CVEs. Adobe may indeed be thinking about phasing out Flash Player, and updates like today’s monster security bulletin will only serve to fuel that movement going forward.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |