New Adobe Flash Player vulnerability

VUIT Security Notice: New vulnerability found in Adobe Flash Player

Vanderbilt IT would like to bring the following information to the technical community’s attention, especially those who use Adobe Flash Player for Windows, Mac and Linux. The affected versions include Adobe Flash Player 18.0.0.194 and earlier versions for Windows and Macintosh; Adobe Flash Player Extended Support Release version 13.0.0.296 and earlier 13.x versions for Windows and Macintosh; and Adobe Flash Player 11.2.202.468 and earlier 11.x versions for Linux.

The security vulnerability has been identified as critical because it can be exploited remotely and can potentially allow the attacker to take control of the affected machine. In turn, this grants the attacker access to other systems within the network.

VUIT Security Operations will continue to monitor this vulnerability closely and has taken several precautions that include instituting detection capability for possible exploits of this vulnerability and transitioning into prevention mode.

In the meantime, VUIT recommends that users apply the patch supplied by Adobe as soon as possible by following this link: https://helpx.adobe.com/security/products/flash-player/apsb15-16.html.

For more information, please contact VUIT Security Operations at vuit.incident.response@vanderbilt.edu.

 

Sources and References:

http://www.engadget.com/2015/07/08/hacking-team-zero-day-flash-exploit/
https://helpx.adobe.com/security/products/flash-player/apsa15-03.html
https://blog.malwarebytes.org/exploits-2/2015/07/hacking-team-leak-exposes-new-flash-zero-day/