Firefox Blocks Adobe Flash Player Plugin Due To Unpatched 3rd Zero Day Vulnerability

~ mardi 14 juillet 2015



Firefox Blocks Adobe Flash Player Plugin Due To Unpatched 3rd Zero Day Vulnerability.

Some of the places user didn't see the videos due to block. Exploits for these vulnerabilities were found in the information taken from HackingTeam in the assault revealed a week ago.

Adobe expected to patch these flash Zero days in this week, but at the meantime Adobe disabled all versions of plugin.

Adobe released 18.0.0.209 update version for flash player plugin today

In the Mozilla Statement,
"All versions of Adobe’s Flash Player plugin are currently deactivated by default, until Adobe releases an updated version to address known critical security issues."

Last week we reported Hacking Team was hacked and 400GBs Data Leaked. These zero days comes out from these leaks.

Firefox officially Tweeted,


New Facebook Chief Security Officer (CSO) Alex Stamos tweeted,


In the Statement of Adobe,

"Security Advisory for Adobe Flash Player
Release date: July 10, 2015

Last Updated: July 12, 2015

Vulnerability identifier: APSA15-04

CVE number: CVE-2015-5122, CVE-2015-5123


Platform: Windows, Macintosh and Linux


Summary:

Critical vulnerabilities (CVE-2015-5122, CVE-2015-5123) have been identified in Adobe Flash Player 18.0.0.204 and earlier versions for Windows, Macintosh and Linux. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.  

Adobe is aware of reports that exploits targeting these vulnerabilities have been published publicly. Adobe expects to make updates available during the week of July 12, 2015."


By playing any flash content in Firefox, top of the browser windows can read 

"Firefox has presented the unsafe plugin 'Adobe Flash' from running on the target URL."


0 commentaires :

Enregistrer un commentaire