Home > Cyber News > CVE-2014-8439 Patched. Emergency Adobe Flash Player Update Issued
CYBER NEWS

CVE-2014-8439 Patched. Emergency Adobe Flash Player Update Issued

On Tuesday Adobe issued an emergency patch in order to fix a Flash Player flaw CVE-2104-8439 that was fixed last month but got exploited again. Adobe added “mitigation” for the vulnerability.Adobe Issues and Emergency Flash Player Update
The new versions are available for:

  • Windows – 15.0.0.239
  • Mac OS – 15.0.0.239
  • Linux – 11.2.202.424

Users of Adobe Flash Player are recommended to update to the latest version immediately. IE10 and IE11 on Windows 8.x will automatically update the currently used versions of Flash. The same goes for Chrome. As you download the latest versions of Flash from the official homepage, make sure to check for any potentially unwanted add-ons (for example McAfee Security Scan) during the installation process.

The flaw can be used for malware installation on the compromised machine. The Adobe team stated that the update will provide extra hardening against CVE-2104-8439.

Software versions of Adobe Flash Player affected by the bug:

  • 15.0.0.223 and earlier
  • 13.0.0.252
  • Earlier 13.x versions
  • 11.2.202.418 and earlier versions for Linux

The exploits in the Nuclear and Angler kits were detected by the French researcher Kafeine shortly after the company released an update on Oct.14. This update patched three CVEs that can cause integer overflows or memory corruption and allow cybercriminals to load and execute code on the targeted machine from a remote location.

Angler and Fiesta are used in attacks against vulnerable websites, redirecting visitors to corrupted web pages that host banking malware or other threats. Flash Player vulnerabilities are highly exploited by that kind of kits, along with Microsoft Silverlight and Java flaws.

The same researcher reported another Adobe exploit last week. The vulnerability CVE-2014-8440 has been detected in Angler. The flaw can let a hacker get control of the compromised system. The bug can be found on numerous systems, like OS X, Linux and Windows. According to Kafeine, the vulnerability has already attracted a great deal of attention among cyber crooks.

Avatar

Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...