Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


CVE-2016-7855 Flash Bug Exploited in Limited Attacks

update-system-health-stforum

Meet CVE-2016-7855, yet another Adobe Flash Player vulnerability of the zero-day type. Adobe has already released a security bulletin, APSB16-36, addressing the issue in versions of Flash from 23.0.0.185 and earlier affected by the flaw. Linux users should keep in mind that Adobe Flash Player for Linux uses a separate version numbering system and versions 11.2.202.637 and earlier are prone to the bug.


What Is CVE-2016-7855?

This vulnerability is a use-after-free flaw that allows an attacker to use a maliciously crafted Flash file to run bad code on a targeted system. This would allow for a number of threats to be dropped on the system. Unfortunately, the flaw has been leveraged in limited, targeted attacks on Windows.

Related: CVE-2016-5195 Found in Every Linux Version (for the Last 9 Years)

Ad already mentioned Adobe has issued an update to address the vulnerability. The patch in mind carried the current version of Flash, 23.0.0.205. Thanks to its built-in update mechanism, Flash will either install the patch automatically or will alert the user to proceed.

Furthermore, the versions of Flash directly integrated into Google Chrome and Microsoft Edge and Internet Explorer browsers will get the updates via their own update mechanisms. Once more, for Adobe Flash Player for Linux, the current version is 11.2.202.643.

This is Adobe’s statement:

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address a critical vulnerability that could potentially allow an attacker to take control of the affected system.

Adobe is aware of a report that an exploit for CVE-2016-7855 exists in the wild, and is being used in limited, targeted attacks against users running Windows versions 7, 8.1 and 10.

Milena Dimitrova

An inspired writer, focused on user privacy and malicious software. Enjoys 'Mr. Robot' and fears '1984'.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.