Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>Adobe New Patch Provides Additional Security

Adobe New Patch Provides Additional Security


Researchers at FortiGuard Labs recently discovered another heap overflow vulnerability in the Adobe Flash Player. The vulnerability (CVE-2015-5129) is similar to a larger group of security issues found in Flash Player, which could be exploited to allow remote code execution on the host system. Although security researchers have not observed active exploits for this particular vulnerability in the wild, several products that incorporate flash were found with the vulnerability. One example is the Google Chrome browser. Additionally, the vulnerability could affect mobile developers on both Android and Apple iOS if Adobe AIR SDK & Compiler18.0.0.180 has been used. Perhaps more importantly, many active exploits have been developed for similar vulnerabilities, making future exploit development more straightforward. Adobe has not only patched this vulnerability very quickly but has also implemented layers of security, including the Adobe Sandbox, in recent versions of Flash that make it far more difficult to compromise a system by exploiting Flash.
 
Source:
 
Adobe Security Bulletin
 
Fortinet
 
Team Cymru
 
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis