Vulnerability alert: Flash Exposure of serious security vulnerabilities, affecting all versions of Windows System, IE and FireFox browsers-bug warning-the black bar safety net

ID MYHACK58:62201558483
Type myhack58
Reporter 佚名
Modified 2015-01-28T00:00:00


Last week for Adobe, it should be a busy week, although the vulnerability for Adobe to say already is commonplace, but you can remotely execute malicious code, access the system control of high-risk vulnerability does not see more.

Critical: remote code execution vulnerability

On Tuesday, Adobe emergency issued a high-risk vulnerability patch, fixing a number for the CVE-2 0 1 5-0 3 1 0 security vulnerabilities. However, one after another, in just the past Saturday, Adobe again updates Flash Player software, this update aims to fix are numbered CVE-2 0 1 5-0 3 1 1 0day serious vulnerability. This vulnerability is by the well-known security researcher Kafeine submitted.

The vulnerability being the attacker wide range of use, through to launcha forced download drive-by-download attacksmost of the Windows System. The vulnerability has been company tag in order to high-risk, it means that the attacker can execute malicious code, even when the user is completely unaware of the situation.

This vulnerability is Flash long-term presence of non-disclosed vulnerability that allows attackers to Remote Access PC Control; Windows, OS X and Linux the Flash version contains the vulnerability.


Myhack58 science: what is force download attack?

Forced to download drive-by-download: the attacker in the victim unknowingly on the victim machine to download malware, then the attacker can remotely exploit this vulnerability to control the victim device.

[1] [2] next