News Stay informed about the latest enterprise technology news and product updates.

Adobe Flash patch for Flash zero-day exploit on Windows

Surprise! It's time, again, for another critical Adobe Flash patch to fix a remote code execution vulnerability reported by the Google Threat Analysis Group.

A new vulnerability in Flash Player -- this one discovered by the Google Threat Analysis Group -- has Adobe patching...

the bedeviled multimedia viewer yet again in response to the critical flaw.

The latest Adobe Flash patch fixes a use-after-free vulnerability that enables attackers to remotely execute code and take control of affected systems.

"Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address a critical vulnerability that could potentially allow an attacker to take control of the affected system," Adobe wrote in its security bulletin. Adobe said it "is aware of a report that an exploit for CVE-2016-7855 exists in the wild, and is being used in limited, targeted attacks against users running Windows versions 7, 8.1 and 10."

Red Hat gave the vulnerability a preliminary CVSS3 base score of 8.8, indicating a critical vulnerability. "This vulnerability," Red Hat wrote in its security update, "... could allow an attacker to create a specially crafted SWF file that would cause flash plug-in to crash, execute arbitrary code or disclose sensitive information when the victim loaded a page containing the malicious SWF content."

This latest Adobe Flash patch fixes one in a long line of critical vulnerabilities that could doom the media-player software, as the industry turns to HTML5, rather than Flash, for displaying rich content.

The emergency patch comes just two weeks after Microsoft's October Patch Tuesday release of fixes for nine critical vulnerabilities in Adobe Flash.

Neel Mehta and Billy Leonard from Google's Threat Analysis Group reported the vulnerability to Adobe.

Next Steps

Find out more about the security measures enterprises should take as Flash is replaced by HTML5.

Learn about why Flash must be replaced by HTML5.

Read about how Mozilla, Google and Facebook started the move away from Adobe Flash.

Dig Deeper on Microsoft Windows security



Find more PRO+ content and other member only offers, here.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What do you think about the efforts by Microsoft, Mozilla and Google to phase out the use of Adobe Flash in favor of HTML5?







  • CIO Trends #6: Nordics

    In this e-guide, read how the High North and Baltic Sea collaboration is about to undergo a serious and redefining makeover to ...

  • CIO Trends #6: Middle East

    In this e-guide we look at the role of information technology as the Arabian Gulf commits billions of dollars to building more ...

  • CIO Trends #6: Benelux

    In this e-guide, read about the Netherlands' coalition government's four year plan which includes the term 'cyber' no fewer than ...