Tuesday's update, though, moved the Windows and Macintosh versions of Flash Player to version 11.9.900.170, and the Linux version to 11.2.202.332. ![]() Some mitigation for this type of exploit exists since Flash 11.6, which introduced a click-to-play feature that requires users to confirm the playback of Flash content embedded in documents when opened in Microsoft Office versions older than Office 2010. ![]() If exploited successfully, both vulnerabilities can lead to arbitrary code execution allowing attackers to take control of the affected systems. A memory corruption flaw tracked as CVE-2013-5332 was also fixed. That CVE (Common Vulnerabilities and Exposures) ID refers to a type confusion vulnerability fixed in the new version of Flash Player. "Adobe is aware of reports that an exploit designed to trick the user into opening a Microsoft Word document with malicious Flash (.swf) content exists for CVE-2013-5331," the company said in a security advisory. ![]() Adobe patched several vulnerabilities in its Flash Player and Shockwave Player on Tuesday, including one for which an exploit is already available.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |