Welcome!
Forum users

Current releases
--MX-23 release info here
--Migration information to MX-23 here
--antiX-23.1 (Arditi del Popolo) release info here

Important information
--If in starting your system it boots to an unwanted Desktop, right click desktop, then select leave and logout. At the
login screen there is a session chooser at the top of the screen.

News
-- MX Linux on social media: here
-- New Forum Features, Marking Solved and Referencing a User: here

New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

Report Bugs, Issues and non- package Requests
Post Reply
Message
Author
User avatar
colin_b
Posts: 452
Joined: Sun Mar 19, 2017 7:21 pm

New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

#1 Post by colin_b »

https://thehackernews.com/2018/12/flash ... ility.html

The vulnerability impacts Adobe Flash Player versions 31.0.0.153 and earlier for products including Flash Player Desktop Runtime, Flash Player for Google Chrome, Microsoft Edge and Internet Explorer 11. Adobe Flash Player Installer versions 31.0.0.108 and earlier is also affected.

Researchers reported the Flash zero-day exploit to Adobe on November 29, after which the company acknowledged the issue and released updated Adobe Flash Player version 32.0.0.101 for Windows, macOS, Linux, and Chrome OS; and Adobe Flash Player Installer version 31.0.0.122.

The security updates include a patch for the reported zero-day flaw, along with a fix for an "important" DLL hijacking vulnerability (CVE-2018-15983), which could allow attackers to gain privilege escalation via Flash Player and load a malicious DLL.

User avatar
timkb4cq
Developer
Posts: 3179
Joined: Wed Jul 12, 2006 4:05 pm

Re: New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

#2 Post by timkb4cq »

As you can see, Stevo was on it.
Screenshot-21.png
You do not have the required permissions to view the files attached to this post.
HP Pavillion TP01, AMD Ryzen 3 5300G (quad core), Crucial 500GB SSD, Toshiba 6TB 7200rpm
Dell Inspiron 15, AMD Ryzen 7 2700u (quad core). Sabrent 500GB nvme, Seagate 1TB

User avatar
colin_b
Posts: 452
Joined: Sun Mar 19, 2017 7:21 pm

Re: New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

#3 Post by colin_b »

I thought it was worth a mention. Glad it's sorted.

User avatar
Stevo
Developer
Posts: 12745
Joined: Fri Dec 15, 2006 8:07 pm

Re: New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

#4 Post by Stevo »

That's two emergency updates this month. It will be interesting to see if they have another on the normal 2nd Tuesday of the month.

User avatar
colin_b
Posts: 452
Joined: Sun Mar 19, 2017 7:21 pm

Re: New Adobe Flash Zero-Day Exploit Found Hidden Inside MS Office Docs

#5 Post by colin_b »

I'm curious how you found this problem so quickly.

I'm a news hog and I posted the problem as soon as I found it, but you beat me to it.

You folks are F1 when it comes to sorting problems.

https://www.youtube.com/watch?v=aHSUp7msCIE

:happy:

Post Reply

Return to “Bugs and Non-Package Requests Forum”