The Latest in IT Security

New zero-day vulnerabilities discovered in Flash Player

16
Dec
2011

What has been found?

Two new vulnerabilities in Adobe’s ubiquitous Flash Player have been discovered and allegedly can be used to an arbitrary code execution remotely. Essentially these vulnerabilities could allow someone to remotely seize control of a PC without the consent of the owner.

Who discovered these exploits?

 

The exploits were discovered by a Russian vulnerability research firm called Intevydis. They have created a popular application called Vulndisco designed to test the robustness of programs to exploits. The process, known as “penetration-testing”, is an excellent way of finding software vulnerabilities and security holes.

Interestingly, Intevydis has refused to give Adobe the details of the vulnerabilities. As of last year Evgeny Legerov, the founder and CEO of Intevydis, declared that they will no longer inform software vendors of vulnerabilities they discover.

How can I stay protected?

While Adobe is yet to comment on these latest Zero-day exploits, they are actively working to resolve vulnerabilities as soon as they are aware of them. Next week should see the release a patch to fix some previously discovered security holes in Adobe Reader.

To ensure that you are as well protected as possible, ensure that you have automatic updates enabled for any software you are running (including your OS). Most programs will have this automatically enabled as default.

As always, ensure that you have security software installed so that you have the best possible chance of thwarting a problem or intruder before any damage is caused.

Leave a reply


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments