430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

CVE-2016-4117 Adobe Flash Zero-Day is being exploited in the wild

CVE-2016-4117 is a zero-day vulnerability affecting the Adobe Flash Player that is being exploited to launch malware-based attacks in the wild. According to Adobe, a new zero-day vulnerability in the Flash Player software is being exploited in cyber attacks in the wild, and the worrisome new is that it will not be patched until May 12th. […]

CVE-2016-4117 Adobe Flash Zero-Day is being exploited in the wild

CVE-2016-4117 is a zero-day vulnerability affecting the Adobe Flash Player that is being exploited to launch malware-based attacks in the wild.

According to Adobe, a new zero-day vulnerability in the Flash Player software is being exploited in cyber attacks in the wild, and the worrisome new is that it will not be patched until May 12th.

The  security vulnerability (CVE-2016-4117) affects Windows, Mac OS X, Linux and Chrome OS.

Adobe rated critical the vulnerability discovered by the security expert Genwei Jiang from FireEye, which also confirmed that it is being used in targeted attacks.

CVE-2016-4117 flash targets-security

“A critical vulnerability (CVE-2016-4117) exists in Adobe Flash Player 21.0.0.226 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.” reads the advisory published by Adobe.

“Adobe is aware of a report that an exploit for CVE-2016-4117 exists in the wild.  Adobe will address this vulnerability in our monthly security update, which will be available as early as May 12. For the latest information, users may monitor the Adobe Product Security Incident Response Team blog.”

The Adobe Product Security Incident Response Team also reported the availability of a patch for three flaws (CVE-2016-1113, CVE-2016-1114, CVE-2016-1115) in the ColdFusion application server platform.

The company also issued updates for the Adobe Acrobat and Adobe Reader product lines.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Adobe, CVE-2016-4117 zero-day)