For the past two months, a new exploit kit has been serving malicious code hidden in the pixels of banner ads via a malvertising campaign that has been active on several high profile websites.
Very busy ransomware week. We have two new ransomware infections being pushed out by exploit kits, some decryptors, and lots of small variants being released. The big news is the release of the master decryption keys for the CrySiS ransomware and Kaspersky's Rakhnidecryptor being updated to use them.
Fake Flash Player update sites have long been a favorite distribution method for adware and other unwanted programs. Today, a fake Flash update site was discovered by ExecuteMalware that is pushing the Locky ransomware.
Today, Adobe released security updates for Adobe Flash Player and Adobe Connect that fix a total of ten vulnerabilities. The Adobe Connect update resolves a cross-site scripting (XSS) vulnerability, while the Flash Player updates resolves 9 critical vulnerabilities that could lead to remote code execution.
Adobe has released an emergency update for Adobe Flash Player that resolves a critical vulnerability that is actively being abused to execute commands on vulnerable computers. According to Adobe Security Bulletin APSB16-36, Adobe has become aware of a report that an exploit for CVE-2016-7855 is actively being used in targeted attacks
Today, Adobe released security updates for Adobe Flash Player, Adobe Acrobat and Reader, and Creative Cloud Desktop. When you combine the vulnerabilities patched for the three products, there are 84 exploits fixed, with many of them being labeled as Critical, because they allow code execution.
Yesterday, Adobe released updates for Adobe Flash, Adobe Digital Editions, and Adobe AIR SDK & Compiler. When you combine the vulnerabilities patched for the three products, there are 35 exploits fixed, with many of them allowing code execution.
Today Adobe released a mammoth security update for their Adobe Flash Player, Adobe Acrobat and Reader, and Adobe XMP Toolkit for Java products. When you combine the vulnerabilities released for the three products, there are 83 exploits fixed, with almost all of them allow remote code execution.
Adobe has released security updates for Adobe Reader, Acrobat, and Coldfusion. With a whopping 92 vulnerabilities in Reader and Acrobat, with many of them being critical, it is essential that everyone install the latest available update. Furthermore, Adobe released an advisor about a vulnerability currently being used in Adobe Flash
Adobe has released an emergency update to resolve critical vulnerabilities in their Adobe Flash Player product. The new version is 184.108.40.206 and resolves critical vulnerabilities that could allow an attacker to remotely take control of your computer.
Adobe released an updated security advisory yesterday regarding a critical vulnerability (CVE-2016-1019) that exists in Adobe Flash Player 220.127.116.11 and earlier versions. Though an emergency update may be released tomorrow, all Flash users are advised to immediately upgrade to the latest version.
Due to an undisclosed vulnerability in Flash player versions prior to 18.104.22.168 and 22.214.171.1243, Apple has blocked access to Flash when using Safari in OS X. When visiting sites that require Flash you will now be greeted with a warning that it has been blocked and instructions on how to update it.
Today Adobe issued Security Bulletin APSB16-08, which is an Adobe Flash update that fixes 23 reported vulnerabilities. These vulnerabilities are all critical as they could allow an attacker to take control of an affected system. Adobe is also aware of a report that an exploit CVE-2016-101 is being used in limited attacks.
Today Microsoft, and Adobe all released security updates for security vulnerabilities in their products. Some of these vulnerabilities were labeled as Critical, which would allow an attacker to execute commands on the affected computer without the user's permission.
Adobe has released an update for Adobe Flash that resolves a whopping 78 vulnerabilities. This is a required update for anyone who has Flash installed as these vulnerabilities are known to be used in the wild to install malware and other attacks.
Adobe has announced that in early 2016 they will be renaming Adobe Flash Professional to Adobe Animate CC. This move will not make Flash more secure, but shows that Adobe recognizes it needs to move away from Flash to more secure technologies. A name change, though, does not mean Flash is going anywhere and will still be a a problem
Adobe releases security updates for Adobe Flash that fix 17 security vulnerabilities. Out of these 17 vulnerabilities, 16 of them could lead to remote code execution. It is important that everyone update Adobe Flash to the recommended versions so they are no longer affected by these security holes.
Microsoft released today a security update for Internet Explorer 10, Internet Explorer 11, and Microsoft Edge that updates the bundled Adobe Flash libraries. This patch is only available for users of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.