Patch/Configuration Management, Vulnerability Management

Adobe rolling out new Flash Player version, includes fix for latest zero-day bug

Adobe began rolling out Flash Player on Wednesday for users who have auto-update enabled.

The version includes a fix for the recently reported critical zero-day vulnerability – CVE-2015-0313 – that affects Flash Player and earlier versions for Windows and Macintosh, as well as Flash Player and earlier 13.x versions.

“Adobe expects to have an update available for manual download on February 5, and we are working with our distribution partners to make the update available in Google Chrome and Internet Explorer 10 and 11,” according to an update added on Wednesday to the Feb. 2 advisory.

Adobe said on Monday it is aware of reports that the critical bug is being actively exploited, and explained that successful exploitation of the vulnerability could cause a crash and enable an attacker to take complete control of the victim's system.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.