Microsoft patched nearly 50 vulnerabilities this month, including patches for an Adobe Flash Player zero-day vulnerability that was announced earlier this month.
Adobe Systems today released a critical security update for a pair of vulnerabilities in Flash Player, one of which has been actively exploited in phishing attacks attributed to North Korean APT actor Group 123.
Researchers are reporting that an increasingly sophisticated North Korean hacking group is responsible for an attack campaign exploiting CVE-2018-4878, a critical use-after-free flaw in Flash Player that has not yet been patched.
Adobe Systems says it plans to address a critical zero-day vulnerability in Flash Player that a researcher asserts is being actively exploited in the wild to attack South Koreans conducting research on North Korea.
Adobe's Flash Player may gain a lot of negative headlines, but when it comes to the most frequented targeted software Microsoft Office and Windows beat out the much maligned Adobe software.
The first patch Tuesday of 2018 has Adobe issuing its first patch for the new year, a lone entry for Flash Player rated as "important".
MWI8 framework builds malicious Word documents and was recently advertised on the dark web as incorporating specific, recently discovered Flash vulnerabilities.
Adobe released fixes for its Reader and Acrobat products and said it will issue an update later this week for Flash Player to patch a vulnerability that is currently being exploited in the wild.
Brian Krebs, the mastermind behind Krebs on Security, has expressed doubts about Adobe's Flash, despite recent patches