Posted on Wednesday, November 26 2014 @ 13:30 CET by Thomas De Maesschalck
Major security flaws in Adobe Flash seem to have become a bit rarer than a few years ago but today you're urged to update your Flash player plug-in asap as a new exploit
is making the rounds. The vulnerability allows attackers to remotely execute code on your computer via a bug in how a de-referenced pointer to memory is handled. Download the
latest Flash update to protect yourself.
In its security bulletin for the vulnerability - rated as critical - Adobe said the updates for the Windows, Linux and Apple OS X versions of Flash Player "provide additional hardening" against the previous CVE-2014-8439 flaw that was patched over a month ago.
Exploit kit researcher Kafeine discovered the Flash vulnerability in the Angler set of attack tools in October this year, security vendor F-Secure said. Exploit kits are used to serve up malware to website visitors through deception as well as taking advantage of vulnerabilities.
It has since found its way into at least two more exploit kits called Astrum and Nuclear, according to F-Secure.
