This update addresses critical vulnerabilities in Adobe Flash Player 11.1.102.55 and earlier versions for Windows... These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. This update also resolves a universal cross-site scripting vulnerability that could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website. There are reports that this vulnerability (CVE-2012-0767) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message (Internet Explorer on Windows only).
Adobe recommends users...update to Adobe Flash Player 11.1.102.62.
It's been several days since the flash update mentioned above in this thread...
yet, under the Secure Browsing tab, Secunia's PSI is still reporting that Flash 11.1.102.62 is NOT secure with respect to the two-month-old vulnerability reported here: http://secunia.com/advisories/47161/
I've seen elsewhere that Flash 11.2.x is currently testing a "last" BETA version before its final release... perhaps that one will fix this issue ????
Bugbatter
3 Apprentice
•
20.5K Posts
0
February 15th, 2012 15:00
Thanks for the great detailed info, guys! :emotion-21:
ky331
3 Apprentice
•
15.6K Posts
0
February 15th, 2012 15:00
Additional information on today's Flash update, from http://www.adobe.com/support/security/bulletins/apsb12-03.html
This update addresses critical vulnerabilities in Adobe Flash Player 11.1.102.55 and earlier versions for Windows... These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. This update also resolves a universal cross-site scripting vulnerability that could be used to take actions on a user's behalf on any website or webmail provider, if the user visits a malicious website. There are reports that this vulnerability (CVE-2012-0767) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message (Internet Explorer on Windows only).
Adobe recommends users...update to Adobe Flash Player 11.1.102.62.
ky331
3 Apprentice
•
15.6K Posts
0
February 19th, 2012 04:00
It's been several days since the flash update mentioned above in this thread...
yet, under the Secure Browsing tab, Secunia's PSI is still reporting that Flash 11.1.102.62 is NOT secure with respect to the two-month-old vulnerability reported here: http://secunia.com/advisories/47161/
I've seen elsewhere that Flash 11.2.x is currently testing a "last" BETA version before its final release... perhaps that one will fix this issue ????