The November 20 security update addresses a single flaw, designated CVE-2018-15981. It is a type confusion bug that can be exploited to achieve remote code execution. Basically, an attacker could slip the exploit code into a Flash .swf file, put it on a web page, and covertly install malware on any vulnerable machine that visits the page.Via: The Register
Another critical exploit patched in Adobe Flash
Posted on Wednesday, November 21 2018 @ 10:39 CET by Thomas De Maesschalck