Categories: Workspace

Adobe Patches Zero-Day Flash Player Flaw

Adobe issued an unscheduled zero-day update for a security issue on 20 February for its Flash Player 12.0.0.44 and earlier versions for Windows and Macintosh, and Adobe Flash Player 11.2.202.336 and earlier versions for Linux.

Active exploitation

“These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system,” Adobe warned in its advisory.

In total, the Adobe update is fixing three identified common vulnerabilities and exposures (CVEs). Adobe noted that only one of them (CVE-2014-0502) is actively being exploited in the wild.

According the National Vulnerability Database information on CVE-2014-0502, the flaw has the highest possible score for impact and exploitability, which means it’s a real and present danger.

Server redirection

Security vendor FireEye claimed in a blog post that it first became aware of CVE-2014-0502 on 13 February. FireEye noted that the Peter G. Peterson Institute for International Economics as well as the American Research Centre in Egypt and the Smith Richardson Foundation were all redirecting visitors to a server hosting the CVE-2014-0502 exploit.

“All three organisations are nonprofit institutions; the Peterson Institute and Smith Richardson Foundation engage in national security and public policy issues,” FireEye stated.

Are you a security pro? Try our quiz!

Sean Michael Kerner

Sean Michael Kerner is a senior editor at eWeek and contributor to TechWeek

Recent Posts

Government Aims To Make UK AI ‘Superpower’

Government to loosen AI regulation, exploit public-sector data, build data centres in growth zones as…

42 mins ago

Brazil Demands Clarity After Meta Ends Fact-Checking

Brazil demands specifics on how new Meta stance on misinformation will apply to country amidst…

9 hours ago

US Executive Order Aims To Shore Up Cyber-Defences

Order from outgoing Joe Biden administration aims to respond to multiple hacks by China targeting…

9 hours ago

Amazon, Meta End Diversity Initiatives

Amazon, Meta end diversity and inclusion initiatives as tech firms re-align policies with those of…

10 hours ago

TSMC Cuts Off Singapore Company Amidst Huawei Fallout

TSMC cuts off Singapore-based PowerAIR as it investigates chip it produced appearing in AI accelerator…

10 hours ago

Huawei Next-Gen OS Gets Boost With Tencent’s WeChat

Tencent's super-app WeChat launches on Huawei's HarmonyOS Next platform in major boost to company's Android…

11 hours ago