Follow Slashdot stories on Twitter


Forgot your password?

Submission + - Adobe Patches Flash Player Zero-Day Vulnerability (

wiredmikey writes: Adobe on Tuesday released an out-of-band security update to address a critical security vulnerability in Adobe Flash Player that could allow an attacker to remotely take control of an affected system.

Adobe said that the vulnerability (CVE-2014-0497), reported to Adobe by Alexander Polyakov and Anton Ivanov of Kaspersky Lab, has an exploit that exists in the wild. Interestingly, Kaspersky Lab said earlier this week that it has been investigating a sophisticated malware that leverages high-end exploits, and includes a bootkit and rootkit, and also has versions for Mac OS and Linux. Neither Adobe nor Kaspersky Lab disclosed if the vulnerability patched today by Adobe has any connection to the cyber-espionage operation that Kaspersky Lab is calling “one of the most advanced threats at the moment”.

“Adobe is aware of reports that an exploit for this vulnerability exists in the wild, and recommends users update their product installations to the latest versions,” the company said in a security advisory. If there is any connection between CVE-2014-0497 and the operation dubbed "The Mask" by Kaspersky Lab, it will not likely be disclosed until the company shares the details of its findings at the Kaspersky Security Analyst Summit next week.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Adobe Patches Flash Player Zero-Day Vulnerability

Comments Filter:

I THINK MAN INVENTED THE CAR by instinct. -- Jack Handley, The New Mexican, 1988.