Flash | SC Media


Microsoft Edge secretly whitelisted sites running Flash Player for Facebook


Facebook has found itself involved in another controversy, this time a cybersecurity researcher has revealed Microsoft Edge allows Flash Player content to be played on Facebook without notifying the user. Google Project Zero’s Ivan Fratric came across what is essentially a secret whitelist and reported it on November 26, 2018 and waited the usual 90 days…

Adobe Patch Tuesday updates for Flash Player, Reader, Acrobat and PhotoShop


Adobe’s November Patch Tuesday security updates cover an important patch for Flash Player along with similarly rated patches for Acrobat, Reader and Photoshop. Flash Player and earlier versions for Windows, macOS, Linux and Chrome OS have an out-of-bounds read vulnerability (CVE-2018-15978) that if exploited could lead to information disclosure. Adobe rated it a priority…

Flash Player missing from Adobe’s October Patch Tuesday update


Adobe’s Patch Tuesday security update included patches for vulnerabilities in four products, including four critical issues patched in Adobe Digital Editions, but none for the often fixed Flash Player. The company has pushed out several out of band releases in the last month, including one on Oct. 1 cleaning up many critical problems with Acrobat…

Patching: the unlocked door

Patch Tuesday: Microsoft patches 17 critical issues, ALPC vulnerability


Microsoft released security patches for a slew of products today covering 61 vulnerabilities with 17 being rated critical focusing mainly on browsers, Windows and Office and it patched the ALPC zero-day that was reported last month. All of the critical issues can lead to remote code execution if exploited, but the ALPC patch is probably…

September Patch Tuesday: Adobe patches seven critical vulnerabilities


Adobe’s September Patch Tuesday offering included a security update fixing an important rated update to Flash Player, along with a total of nine fixes for Cold Fusion six of which were rated critical. The Flash Player issue, CVE-2018-15967, fixes a privilege escalation vulnerability that if exploite could lead to information disclosure, Adobe reported. It impacts…

Next post in Vulnerabilities