Tuesday, April 20, 2021

Adobe Patches Flash–Again

On Wednesday, Adobe released an out-of-band update for its Flash technology that addresses three security vulnerabilities. This is Adobe’s third emergency update this month and the second this month for Flash.

InformationWeek’s Matthew J. Schwartz reported, “Adobe has released an emergency update for Flash Player. The latest update, issued Tuesday, fixes three bugs, two of which are being actively targeted via zero-day attacks that can compromise users’ systems. According to Adobe’s security bulletin, ‘these updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.'”

ZDNet’s Ellyne Phneah added, “Adobe also assigned a Priority 1 rating, its highest threat level, to the vulnerabilities exploited on Windows and Mac OS X, and advised users of both operating systems to install the update within 72 hours. This vulnerability identifies vulnerabilities being targeted or have a higher risk of being targeted. The note also assigned Priority 3 rating to a Flash vulnerability facing Linux users, which refers to products historically not a target of attackers.”

SecurityWatch’s Fahmida Y. Rashid noted, “Users can download the latest version from the Adobe website, or turn on background updates and let the software grab the version automatically. Google and Microsoft will update Flash on Chrome and Internet Explorer 10 (for Windows 8) separately.”

Computerworld’s Greg Keizer observed, “Tuesday’s ‘out-of-band’ came less than three weeks after a Feb. 8 fix for two exploited-in-the-wild flaws. Adobe has also issued two other regularly scheduled updates for Flash this year as part of its plan to synchronize its security releases with Microsoft’s monthly Patch Tuesdays. The frequent Flash updates only add to what has become a hectic start to the year for security experts and IT administrators: Oracle has also shipped multiple updates for Java in the last two months, including a pair of rush updates to quash actively exploited bugs.”

Similar articles

Latest Articles

IT Planning During a...

Without a doubt, 2020 changed everything. I like to compare it to a science fiction movie where time travel is involved. Clearly, we have...

Best Data Quality Tools...

Data quality is a critical issue in today’s data centers. The complexity of the Cloud continues to grow, leading to an increasing need for...

NVIDIA’s New Grace ARM/GPU...

This week is NVIDIA’s GTC, or GPU Technology Conference, and they likely should have changed the name to ATC because this year – it...

What is Data Segmentation?

Definition of Data Segmentation Data segmentation is the process of grouping your data into at least two subsets, although more separations may be necessary on...