Friday

Adobe patches flaw in Flash but another one found


Users of some browsers may want to put off visiting sites that use Adobe's Flash software – Adobe has patched a flaw in Flash, but a new one has been discovered.

Adobe this week rolled out a patch to address a vulnerability being exploited by the Angler Exploit Kit, but a security researcher found it was not the only flaw.

"Any version of Internet Explorer or Firefox with any version of Windows will get owned if Flash up to 16.0.0.287 (included) is installed and enabled," researcher "Kafeine" said in a blog post.

"Disabling Flash player for some days might be a good idea," Kafeine added.

On Jan. 22, Adobe issued a security update for a vulnerability affecting Flash Player for Windows, Mac and Linux.

It urged users to update to Flash Player 16.0.0.287.

But Kafeine noted that Angler initially did not infect Firefox, Angler's encoders made the adjustments so it would also affect Mozilla's browser.

So far, Kafeine said tests showed Google's Chrome is relatively safe from the threat. — Joel Locsin/LBG, GMA News

source: gmanetwork.com