Welcome!
Important information
-- Spectre and Meltdown vulnerabilities
-- Change in MX sources

News
-- MX Linux on social media: here
-- Mepis support still here

Current releases
-- MX-17.1 Final release info here
-- antiX-17 release info here

New users
-- Please read this first, and don't forget to add system and hardware information to posts!
-- Here are the Forum Rules

New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

Report Bugs, Issues and non- pacakage Requests
Post Reply
Message
Author
User avatar
colin_b
Forum Regular
Forum Regular
Posts: 413
Joined: Sun Mar 19, 2017 7:21 pm

New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

#1 Post by colin_b » Thu Dec 06, 2018 1:22 pm

https://thehackernews.com/2018/12/flash ... ility.html

The vulnerability impacts Adobe Flash Player versions 31.0.0.153 and earlier for products including Flash Player Desktop Runtime, Flash Player for Google Chrome, Microsoft Edge and Internet Explorer 11. Adobe Flash Player Installer versions 31.0.0.108 and earlier is also affected.

Researchers reported the Flash zero-day exploit to Adobe on November 29, after which the company acknowledged the issue and released updated Adobe Flash Player version 32.0.0.101 for Windows, macOS, Linux, and Chrome OS; and Adobe Flash Player Installer version 31.0.0.122.

The security updates include a patch for the reported zero-day flaw, along with a fix for an "important" DLL hijacking vulnerability (CVE-2018-15983), which could allow attackers to gain privilege escalation via Flash Player and load a malicious DLL.

User avatar
timkb4cq
Forum Veteran
Forum Veteran
Posts: 4482
Joined: Wed Jul 12, 2006 4:05 pm

Re: New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

#2 Post by timkb4cq » Thu Dec 06, 2018 1:54 pm

As you can see, Stevo was on it.
Screenshot-21.png
You do not have the required permissions to view the files attached to this post.
MSI 970A-G43 MB, AMD FX-6300 (six core), 16GB RAM, GeForce 730, Samsung 850 EVO 250GB SSD, Seagate Barracuda XT 3TB

User avatar
colin_b
Forum Regular
Forum Regular
Posts: 413
Joined: Sun Mar 19, 2017 7:21 pm

Re: New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

#3 Post by colin_b » Thu Dec 06, 2018 5:18 pm

I thought it was worth a mention. Glad it's sorted.

User avatar
Stevo
Forum Veteran
Forum Veteran
Posts: 17010
Joined: Fri Dec 15, 2006 8:07 pm

Re: New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

#4 Post by Stevo » Thu Dec 06, 2018 5:36 pm

That's two emergency updates this month. It will be interesting to see if they have another on the normal 2nd Tuesday of the month.

User avatar
colin_b
Forum Regular
Forum Regular
Posts: 413
Joined: Sun Mar 19, 2017 7:21 pm

Re: New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

#5 Post by colin_b » Thu Dec 06, 2018 7:36 pm

I'm curious how you found this problem so quickly.

I'm a news hog and I posted the problem as soon as I found it, but you beat me to it.

You folks are F1 when it comes to sorting problems.

https://www.youtube.com/watch?v=aHSUp7msCIE

:happy:

Post Reply

Return to “Bugs and Non-Package Requests Forum”