Adobe Confirms New Zero-Day Flash Bug

The company has issued a patch for seven security vulnerabilities.

Computerworld: On Wednesday, Adobe issues a patches for seven critical vulnerabilities for its Flash player, including one zero-day cross-site scripting flaw identified by Google. "This update resolves a universal cross-site scripting vulnerability that could be used to take actions on a user's behalf on any website or Web mail provider, if the user visits a malicious website," said Adobe. "There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message."

Adobe is currently working on "sandboxed" versions of Flash. Sandboxing would have prevented hackers from exploiting these current vulnerabilities.

Tags: security vulnerabilities, Adobe Flash

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.