Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

"Stealth" Update for Flash from Adobe

Published: 2015-01-24
Last Updated: 2015-01-25 02:58:36 UTC
by Johannes Ullrich (Version: 1)
9 comment(s)

[Update] Adobe now updated it's advisory and confirmed that version fixes the o-day vulnerability (CVE-2015-0311). [2][3]

Adobe apparently just released Flash version There is nothing on Adobe's website if this is a patch. As a matter of fact, Adobe still lists as the most recent version [1]. You can download if you manually check for updates using Flash.

This article will be updates as we learn more. I have NO IDEA if this new version fixes the current vulnerability, but given that this is a surprise weekend release, chances are that it was released in response to the vulnerability. Apply this update at your own risk.

Thanks to Christopher for noticing!




Johannes B. Ullrich, Ph.D.

9 comment(s)
Diary Archives