Adobe 'Zero Day' Flaw is Eight Months Old

ID THREATPOST:AB80D8409C004D50C917B3E49286A550
Type threatpost
Reporter Ryan Naraine
Modified 2013-04-17T16:38:56


The current zero-day attacks against Adobe Flash Player are not quite zero-day after all. According to new information, Adobe’s security response team knew about the vulnerability since December 31, 2008 (see image below) but it was misdiagnosed as a “data loss corruption” issue.

When word of the attacks surfaced this week, Adobe quickly locked access to the bug ticket with a note that it was “reclassified as a security bug.” Read the full story []