Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Adobe released an out-of-band security update to address six critical vulnerabilities, all affecting Adobe Flash Player.

    One of the six, a cross-site scripting (XSS) vulnerability identified as CVE-2011-2444, is reportedly being exploited in the wild. The bug is reportedly being used in targeted attacks that involve malicious links sent out to targets via email.

    Adobe attributed the discovery of CVE-2011-2444 to Google, who, in response to finding the vulnerability, issued an update for the Google Chrome browser to prevent attackers from exploiting the security hole.

    Users are strongly advised to apply the patches as soon as possible, especially since exploiting any of the addressed vulnerabilities can lead to either remote code execution or to information disclosure.

    Note that users who utilize multiple browsers may need to separately update their other browsers. Users can visit this page for all of their browsers to check if they have the latest version of Adobe Flash Player installed and this page to update. Here is the list of Adobe Flash Player versions affected by vulnerabilities addressed by this update:

    • Flash Player and earlier
    • Flash Player and earlier for network distribution
    • Flash Player and earlier for Android
    • Flash Player and earlier for Chrome

    We will update this post once we find more information about the exploit.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice