Adobe announced a critical vulnerability in Flash that allows you to disable the millions of Mac
Adobe released a critical security update for Flash Player designed for Windows, Mac, Linux and Chrome OS. Patch covering 12 vulnerabilities, including a critical, which allows to cause a denial of service and to gain control over the computer.
CVE-2016-6992 occurs due to the mismatch between the data types involved (type confusion). CVE-2016-6987 and CVE-2016-6981 in turn, lead to memory usage after release, and CVE-2016-4286 allows to bypass the security mechanisms. CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990 can be used for memory corruption.
Flash is not the first time threatens the security of Mac users. According to experts, another security breach Flash is actively exploited by hackers in targeted attacks on operating systems with an installed version of Flash Player below 220.127.116.11. Successful exploitation could cause a crash and capture by the attackers control over the system.
Because the patch contains many important updates, users are recommended to install it as soon as possible. Helped to close the vulnerability, researchers from the companies Tencent, Palo Alto Networks, COSIG, CloverSec Labs and Trend Micro.
Flash Player is a favorite aim of hackers, being used on hundreds of millions of computers around the world and having a plethora of vulnerabilities. On Windows and OS X Flash Player is regularly updated, however not enough to release updates — users still have to install them, what they often do not.
Verify the installed version of Flash Player on the page About Flash Player. You can also click the right mouse button on playback by the content player and select the menu option “About Flash Player”. Those who work with multiple browsers, you should check the version of the player for each of them.
For many years Adobe is trying to make Flash more secure, but to the application in two decades is a tough task. In December, Adobe admitted that HTML5 is the future of web animation, and released to developers content app Animate CC.