Threat Level: green Handler on Duty: Rick Wanner

SANS ISC: Adobe Security Flash Update SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Security Flash Update

Adobe released a critical patch for Flash Player addressing an object confusion vulnerability (CVE-2012-0779). If exploited, it could cause the application crash and potentially allow an attacker to take control of the system. The security bulletin is posted here and the update can be downloaded here.

Affected Software

- Windows, Macintosh and Linux version and earlier
- Android 4.x version and earlier
- Android 3.x and 2.x version and earlier



Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu


481 Posts
ISC Handler
May 4th 2012
Anyone know if version is vulnerable? the CVE is not clear as it states "Adobe Flash Player before and 11.x before on Windows" and Adobe does not even mention 10.x

According to the security bulletin, it states "For users who cannot update to Flash Player, Adobe has developed a patched version of Flash Player 10.x, Flash Player, which can be downloaded here." Here is…

481 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!