News | Windows and Flash zero-days exploited in the wild; Microsoft patch ready, Adobe coming soon

Microsoft and Adobe are warning users of not one, but two security vulnerabilities that are currently being exploited in the wild. Patches are already here or coming tomorrow so you should update your machines as soon as possible.

On Microsoft’s side of the aisle, the bug that’s currently being exploited is part of Internet Explorer. It allows for remote code execution, meaning an attacker could take control of a machine if the victim visits a specially crafted malicious website. This exploit is actively being used in the wild, with attacks being detected in South Korea over the past few days. The good news is that Microsoft has already patched the vulnerability as part of yesterday’s Patch Tuesday. Specifically, KB3155533 addresses the issue.

microsoft-security_story.jpg

Also of note is that yesterday’s patches fix other vulnerabilities as well, including seven other issues deemed Critical and a number of others noted as Important. This includes vulnerabilities that got patches in Windows, Flash Player, Edge, Internet Explorer and Office.

Meanwhile Adobe is also preparing to launch a patch of its own for Flash. According to the official security advisory, a critical vulnerability exists in Flash Player version 21.0.0.226 and earlier on all supported platforms. This includes Windows, OS X, Linux and Chrome OS. The bug, which is already being used by attackers, allows a malicious agent to take control of a machine. Adobe says it will have a patch ready as soon as tomorrow, so you’d do well to upgrade all of your devices and software as soon as possible.

Source | neowin
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s