Monthly Archives: July 2015

Adobe Flash Player Zero-Day Vulnerability

Posted by Clayton Bellot on July 08, 2015
Uncategorized / No Comments

Recently, Information Technology Services was made aware of a zero-day vulnerability for Adobe Flash Player. Dubbed “the most beautiful Flash bug for the last four years” by the hacker group who’s leaked documentation lead to the publicity of the vulnerability. Sources indicate that this vulnerability is actively being exploited in the wild. Successful exploitation could result in remote code execution. Adobe states that all previously released versions of Adobe Flash are affected, including those bundled with Adobe AIR.

Information Technology Services strongly recommends the following action be taken to mitigate this vulnerability

  • Immediately update Adobe Flash Player to 18.0.0.203.
  • Immediately update AIR Desktop Runtime to 18.0.0.180.
  • Enable Click-to-Play for the Adobe Flash Player add-on to help mitigate potential future threats.

Additional information
+ Adobe’s Player Download Center site
+ Helpful hints for managing the Adobe Flash add-on
+ Enabling ‘Click-to-Play’ for the Adobe Flash Player add-on
+ Details regarding the latest vulnerability