|
Adobe today released a critical update for Flash Player. The update was released outside of Adobe's regular patch cycle. [1] The singled vulnerability fixed by this update, CVE-2016-7855, has already been exploited in targeted attacks against Windows. Windows, Linux and Mac versions are affected, including versions embedded in Chrome and Edge/Internet Explorer 11. Please expedite this update, and review that Flash does not start automatically in your browser but only if enabled by the user for a specific site. Consider removing Flash whenever possible. [1] https://helpx.adobe.com/security/products/flash-player/apsb16-36.html
--- |
Johannes 4102 Posts ISC Handler Oct 26th 2016 |
| Thread locked Subscribe |
Oct 26th 2016 4 years ago |
|
Note that the ESR (i.e. version 18) was discontinued and got NO fix!
Cf. http://www.adobe.com/support/flashplayer/debug_downloads.html |
Anonymous |
| Quote |
Oct 26th 2016 4 years ago |
|
are you telling us that .205 has already been exploited but it's the latest update available?
|
Anonymous |
| Quote |
Oct 27th 2016 4 years ago |
|
As I read the Adobe announcement .205 is the patch, the vulnerability exists in .185 and earlier
|
Anonymous |
| Quote |
Oct 31st 2016 4 years ago |
Sign Up for Free or Log In to start participating in the conversation!
