Despite both Microsoft and Adobe releasing patches on Tuesday (10/13/2015), a critical Flash zero-day flaw remains unpatched in Adobe’s latest update.
Despite both Microsoft and Adobe releasing critical patches on Tuesday (10/13/2015), a critical zero-day vulnerability remains unpatched in Adobe’s latest update. As per Adobe APSA15-05, this vulnerability (CVE-2015-7645) remains unpatched is actively being exploited in-the-wild. Adobe plans to release a patch that addresses this vulnerabiltiy at some point during the week of October 19th.
Adobe Flash Player 188.8.131.52 and earlier for Windows and Macintosh
Adobe Flash Player Extended Support Release 184.108.40.206 and earlier 18.x versions
Adobe Flash Player 220.127.116.115 and earlier 11.x versions for Linux
Recent Patches Address Several Vulnerabilities in Popular Applications
Adobe Reader & Acrobat: ~56 Vulnerabilities Patched Adobe Flash Player: ~13 Vulnerabilities Patched Microsoft Windows, Office, & Other Apps: ~36 Vulnerabilities Patched # of Critical Microsoft Vulnerabilities:3 Microsoft Application w/ Most Security Issues Addressed: Internet Explorer (& Microsoft Edge)
An archive of Microsoft’s Security Advisories, including those published on Tuesday, can be found at this URL.
Michael Fratello is a Security Engineer employed by CipherTechs, Inc., a privately held information security services provider located in downtown Manhattan, New York. Specializing in Penetration Testing and Digital Forensics, Michael, a St. John’s University graduate majoring in Computer Security Systems, has developed a passion for information security and often spends his free time studying, programming, and researching the exponentially growing number of threats found in-the-wild today.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.