0 Members and 1 Guest are viewing this topic.
Among the vulnerabilities patched in the update is CVE-2016-1019, a remote code execution vulnerability that is currently being exploited in the wild by the Magnitude Exploit Kit. According to researchers with Trend Micro, the flaw is being targeted in both Windows and OS X systems to perform automated malware installs.Simply browsing a webpage booby-trapped with a malicious Flash file is enough to trigger execution of evil code, allowing miscreants to potentially snoop on victims' passwords and other sensitive information on their computers.Adobe is recommending that users update Flash as soon as possible to patch the flaws. Users running Chrome, Internet Explorer and Edge will automatically get the update when updating their browser.Researchers have suggested that users... disable Flash Player in order to prevent attacks.
I'll make it very simple: update Adobe Flash now, or get rid of it altogether.If you're not quite ready to take the step of entirely uninstalling Flash, then you should at the very least consider enabling "Click to Play", which stops Flash elements from being rendered in your browser unless you give specific permission.