Skip to main content

New Adobe Flash Player Zero Day Bug Targeted To Compromise Systems

Software maker Adobe has released a new advisory warning users about a new critical Flash zero-day bug which is capable of causing a crash and allow a hacker to gain control of the system.

In a blog post (opens in new tab), the company said that the zero-day bug was currently being exploited in the wild using an infected Flash (.swf) file embedded in a Microsoft Word document sent via email. The vulnerability is only being exploited in Windows based systems.

Adobe said that the vulnerability affects Flash Player and earlier versions for Windows, Macintosh, Linux and Solaris and Adobe Flash Player along with earlier versions of the player for Android. The vulnerability also exists in the Authplay.dll component that comes with Adobe Reader and Acrobat X for Windows and Mac operating systems.

“At this time, Adobe is not aware of any attacks via PDF targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing,” Adobe said.

The company informed that it was in the process of finalising the schedule for releasing the security patch that fixes the vulnerability. Adobe credited security researcher Mila Parkour for discovering the vulnerability in Apple-nemesis Flash.

Ravi Mandalla was ITProPortal's Sub Editor (and a contributing writer) for two years from 2011. Based in Ahmedabad, India, Ravi is now the owner and founder of Parity Media Pvt. Ltd., a news and media company, which specializes in online publishing, technology news and analysis, reviews, web site traffic growth, web site UI. Ravi lists his specialist subjects as: Enterprise, IT, Technology, Gadgets, Business, High Net Worth Individuals, Online Publishing, Advertising, Marketing, Social Media, News, Reviews, Audio, Video, and Multi-Media. He has also previously worked as Dy. Manager - IT Security at (n)Code Solutions.