Published on March 12th, 2016 📆 | 7413 Views ⚑
Adobe Flash Player Fixed Critical Vulnerabilities And Released Security Update
Text to Speech
Adobe Flash Player Fixed Critical Vulnerabilities And Released Security Update.
The newly released security updates for Adobe Flash Player address some critical vulnerabilities. By these vulnerabilities, an attacker can easily take a full control of the target system. According to a firm,
"They admit that they were already aware that "an exploit exists for CVE-2016-1010. This exploit was discovered by the Kaspersky Labs which is being used in the wild."
Along with the CVE-2016-1010 vulnerabilities, the other vulnerabilities like CVE-2016-0963 and CVE-2016-0993 allow launching malicious code on the target system by an attacker to gain access to the full control of the system.
This month the Flash team has been quite busy
Besides all these vulnerabilities the other issues, problems and bugs have also fixed by the Flash team. The list of CVE identifiers like CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, and CVE-2016-1000 that contain the flash team also fixed bugs.
In the CVE identifiers like CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, and CVE-2016-1005 include the memory corruption vulnerabilities, but now it also resolved. The CVE-2016-1001 has a problem of heap overflow, but it fixed now. All the 18 bugs that have been fixed by the Flash team lead to the remote code execution (RCE). The RCE is a highly dangerous, and once if skilled attacker exploited it then it will be very easy for them to take a full control of the targeted system.
Those security researchers who reported the bugs are all working in companies like HP, Google, Tencent, Alibaba, NSFOCUS, Venustect ADLAB and Microsoft.
Before the releasing of Flash update, there was other issues and bugs that were resolved by the Adobe like:
Adobe addressed a security issue by releasing Adobe Digital Editions version 4.5.1.