Friday, December 3, 2021

Adobe Confirms New Zero-Day Flash Bug

Computerworld: On Wednesday, Adobe issues a patches for seven critical vulnerabilities for its Flash player, including one zero-day cross-site scripting flaw identified by Google. “This update resolves a universal cross-site scripting vulnerability that could be used to take actions on a user’s behalf on any website or Web mail provider, if the user visits a malicious website,” said Adobe. “There are reports that this vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message.”

Adobe is currently working on “sandboxed” versions of Flash. Sandboxing would have prevented hackers from exploiting these current vulnerabilities.

Similar articles

Latest Articles