Adobe has released a critical security patch (APSB17-32) for Adobe Flash Player. This update addresses a critical type confusion vulnerability that could lead to code execution. Windows, Macintosh and Linux operating systems are affected. This vulnerability is identified with CVE-2017-11292.

A security researcher

shellcode then downloads the final payload (FinSpy).

FinFisher, also known as FinSpy, is surveillance software that


Affected versions of Adobe Flash Player:

Flash Player versions 27.0.0.159 and earlier for Windows, Macintosh, and Linux.
Flash Player version 27.0.0.159 and earlier for Adobe Flash Player for Google Chrome.
Flash Player version 27.0.0.130 and earlier for Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 and Windows 8.x.


Solution:

All the users of the Adobe Flash Player for Windows, Macintosh, and Linux are advised to update to Flash Player version 27.0.0.170. Flash Player for Google Chrome, Microsoft Edge and Internet Explorer 11 will be automatically updated to the latest version.

All these updates can be easily remediated through SecPod Saner. Install Saner to detect and remediate these type of threats and stay secure.

 

Summary
Adobe Security Update for Flash Player Zero-Day
Article Name
Adobe Security Update for Flash Player Zero-Day
Author
Publisher Name
SecPod Technologies Pvt Ltd
Publisher Logo
Loading Facebook Comments ...

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>