Adobe 'Zero Day' Flaw is Eight Months Old

2009-07-24T21:08:10
ID THREATPOST:AB80D8409C004D50C917B3E49286A550
Type threatpost
Reporter Ryan Naraine
Modified 2013-04-17T16:38:56

Description

The current zero-day attacks against Adobe Flash Player are not quite zero-day after all. According to new information, Adobe’s security response team knew about the vulnerability since December 31, 2008 (see image below) but it was misdiagnosed as a “data loss corruption” issue.

When word of the attacks surfaced this week, Adobe quickly locked access to the bug ticket with a note that it was “reclassified as a security bug.” Read the full story [zdnet.com]