Adobe Confirms New Zero-Day Flash Bug

Thursday Feb 16th 2012 by Staff

The company has issued a patch for seven security vulnerabilities.

Computerworld: On Wednesday, Adobe issues a patches for seven critical vulnerabilities for its Flash player, including one zero-day cross-site scripting flaw identified by Google. "This update resolves a universal cross-site scripting vulnerability that could be used to take actions on a user's behalf on any website or Web mail provider, if the user visits a malicious website," said Adobe. "There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message."

Adobe is currently working on "sandboxed" versions of Flash. Sandboxing would have prevented hackers from exploiting these current vulnerabilities.

Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved