Adobe Flash Player update fixes latest zero-day bug

News by Adam Greenberg

Adobe began rolling out Flash Player on Wednesday for users who have auto-update enabled.

The version includes a fix for the recently reported critical zero-day vulnerability – CVE-2015-0313 – that affects Flash Player and earlier versions for Windows and Macintosh, as well as Flash Player and earlier 13.x versions.

“Adobe expects to have an update available for manual download on 5 February, and we are working with our distribution partners to make the update available in Google Chrome and Internet Explorer 10 and 11,” according to an update added on Wednesday to the 2 February advisory.

Adobe said on Monday it is aware of reports that the critical bug is being actively exploited, and explained that successful exploitation of the vulnerability could cause a crash and enable an attacker to take complete control of the victim's system.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews