Last week for Adobe, it should be a busy week, although the vulnerability for Adobe to say already is commonplace, but you can remotely execute malicious code, access the system control of high-risk vulnerability does not see more.
Critical: remote code execution vulnerability
On Tuesday, Adobe emergency issued a high-risk vulnerability patch, fixing a number for the CVE-2 0 1 5-0 3 1 0 security vulnerabilities. However, one after another, in just the past Saturday, Adobe again updates Flash Player software, this update aims to fix are numbered CVE-2 0 1 5-0 3 1 1 0day serious vulnerability. This vulnerability is by the well-known security researcher Kafeine submitted.
The vulnerability being the attacker wide range of use, through to launcha forced download drive-by-download attacksmost of the Windows System. The vulnerability has been company tag in order to high-risk, it means that the attacker can execute malicious code, even when the user is completely unaware of the situation.
This vulnerability is Flash long-term presence of non-disclosed vulnerability that allows attackers to Remote Access PC Control; Windows, OS X and Linux the Flash version contains the vulnerability.
Myhack58 science: what is force download attack?
Forced to download drive-by-download: the attacker in the victim unknowingly on the victim machine to download malware, then the attacker can remotely exploit this vulnerability to control the victim device.