Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Critical Adobe Flash Zero-Day Vulnerability Actively Being Exploited In-the-Wild

Despite both Microsoft and Adobe releasing patches on Tuesday (10/13/2015), a critical Flash zero-day flaw remains unpatched in Adobe’s latest update. Despite both Microsoft and Adobe releasing critical patches on Tuesday (10/13/2015), a critical zero-day vulnerability remains unpatched in Adobe’s latest update. As per Adobe APSA15-05, this vulnerability (CVE-2015-7645) remains unpatched is actively being exploited in-the-wild. Adobe plans […]

adobe flaws

Despite both Microsoft and Adobe releasing patches on Tuesday (10/13/2015), a critical Flash zero-day flaw remains unpatched in Adobe’s latest update.

Despite both Microsoft and Adobe releasing critical patches on Tuesday (10/13/2015), a critical zero-day vulnerability remains unpatched in Adobe’s latest update. As per Adobe APSA15-05, this vulnerability (CVE-2015-7645) remains unpatched is actively being exploited in-the-wild. Adobe plans to release a patch that addresses this vulnerabiltiy at some point during the week of October 19th.

Affected Versions:

Adobe Flash Player 19.0.0.207 and earlier for Windows and Macintosh
Adobe Flash Player Extended Support Release 18.0.0.252 and earlier 18.x versions
Adobe Flash Player 11.2.202.535 and earlier 11.x versions for Linux

Recent Patches Address Several Vulnerabilities in Popular Applications

Flashback botnet

Patch breakdown:

Adobe Reader & Acrobat: ~56 Vulnerabilities Patched
Adobe Flash Player: ~13 Vulnerabilities Patched
Microsoft Windows, Office, & Other Apps: ~36 Vulnerabilities Patched
# of Critical Microsoft Vulnerabilities: 3
Microsoft Application w/ Most Security Issues Addressed: Internet Explorer (& Microsoft Edge)

An archive of Microsoft’s Security Advisories, including those published on Tuesday, can be found at this URL.

About the Author Michael Fratello

Michael Fratello is a Security Engineer employed by CipherTechs, Inc., a privately held information security services provider located in downtown Manhattan, New York.  Specializing in Penetration Testing and Digital Forensics, Michael, a St. John’s University graduate majoring in Computer Security Systems, has developed a passion for information security and often spends his free time studying, programming, and researching the exponentially growing number of threats found in-the-wild today.

Edited by Pierluigi Paganini

(Security Affairs –  zero-day, Flash)