Patched Flash bug still vulnerable
A bypass in Flash, which Adobe said it patched in its last security update, has reappeared.
The flaw allows attackers to execute arbitrary code via unspecified vectors, according to CVE 2015-5560. Though Adobe issued security update 184.108.40.206 to mitigate the bug, researchers at security firm Morphisec found that the "in-the-wild exploit residing in a Nuclear exploit kit bypasses the recent Flash mitigation for vector corruption."
Apple's late CEO Steve Jobs was against allowing the Flash plugin on Apple devices, Mozilla is already preventing it from executing within its Firefox browser, while Facebook's new CSO, Alex Stamos, recently tweeted, "It is time for Adobe to announce the end-of-life date for Flash."
Users are once again being advised to patch the popular multimedia and software platform when updates are issued and to implement detection solutions.