Remember That Flash Exploit That Popped Up Last Week… Well, There’s Actually TWO Of Them

Last week I told you about an Adobe Flash exploit that had been around since November and was actively being used by North Korean hackers. Adobe promised to fixed it this week and they did. But in the process of fixing that exploit, they disclosed that there was a second exploit that was floating around unfixed. It’s documented in the CVE database as CVE-2018-4877 and in short, it’s an exploit that allows for remote code execution. In other words, doing something as simple as opening a webpage or other document with a malicious Flash file embedded in it will pretty much result in pwnage if you have the wrong version of Flash installed. Thus, you should update your version of Flash right now to avoid pwnage.

Or the better route is to dump Flash completely because it’s a security nightmare that Adobe cannot remedy. Thus since Adobe can’t save you from the nasties that are out there, you have to save yourself.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: