Skip to main content
  1. Home
  2. Computing
  3. News

Oh, look! It’s another patched vulnerability in Adobe’s Flash Player software

By

adobe flash player zero day vulnerability patched frustrated gamer cat 3
Image used with permission by copyright holder
Security firm Trend Micro has pointed out an unscheduled patch for Adobe Flash Player that fixes a zero-day vulnerability in the aging software. The patch addresses versions 23.0.0.185 and older released before October 11 for the Windows and Macintosh platforms, and versions 11.2.202.637 and earlier for Linux. The firm urges all Flash Player users to update the installed software immediately to keep hackers from gaining access to their PCs.

The vulnerability is designated as CVE-2016-7855, and enables hackers to run malicious code on a target PC using a Flash file. In turn, this code can install various threats in the PC’s system that eventually can grant the hacker full control. Adobe’s security bulletin lists the problem as “critical,” meaning there is a possibility malicious code could be executed through the Flash vulnerability without the target user being aware of any problem.

Recommended Videos

As per the bulletin, hackers are exploiting the vulnerability in limited, targeted attacks. The affected machines are based on Windows 7, Windows 8.1, and Windows 10. There is no sign that Linux machines are also being targeted, but Adobe is updating Flash Player for that platform nonetheless, as well as Apple’s Mac devices.

“The built-in update mechanism of Flash will either automatically install the update or prompt the user to do so,” Trend Micro reports. “The versions of Flash that are integrated into Google Chrome and Microsoft Edge/Internet Explorer will receive updates via the update mechanisms of those browsers.”

Web surfers not sure about what version of Flash Player they are using can check the version number by heading here to allow Adobe’s website to scan the locally installed software. Users can also right-click on a webpage’s many Flash components and select “About Adobe (or Macromedia) Flash Player” from the menu. Users should do this for every browser installed on the PC.

The new update will bring Adobe Flash Player up to version 232.0.0.205 for Windows/Mac/Chrome OS, and up to version 11.2.202.643 for Linux. It revises the Adobe Flash Player Desktop Runtime, Adobe Flash Player for Google Chrome (and Chrome OS), Adobe Flash Player for Internet Explorer and Microsoft Edge, and Adobe Flash Player for Linux.

This latest patch highlights the need to move away from using Adobe Flash on the web. Although it transformed a plain, GIF/JPG-embedded internet into an interactive multimedia experience, the software has also been the target of hackers as they seek to infiltrate connected devices. Vulnerabilities continue to appear, hackers continue to take advantage of them, and Adobe seems to be working around the clock just to plug in the budding security holes.

HTML5 has become the new internet standard, enabling rich multimedia experiences without web surfers needing to install software outside the browser. Even Adobe is pushing to move beyond the aging Flash platform, and will probably have a lot more time on its hands once Flash is fully phased out.

Until then, web surfers will need to endure the production line of Flash Player security patches as they roll out.

Topics
Kevin Parrish
Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
At basically $105, the Ryzen 5 7600X is the best gaming CPU to buy right now
The Ryzen 5 7600X sitting among thermal paste and RAM.

I don't usually get my hopes up for Black Friday CPU deals, but I found one that's just too good to pass up. Right now, you can get the Ryzen 5 7600X -- still one of the best processors for value-focused gaming -- for basically $105. No, that's not the actual price listed on Newegg where you'll find the deal, but there's a lot going on with this sale.

For starters, the CPU itself is marked down by 24%, bringing the $299 list price down to $225. Not a great deal for a last-gen chip. However, you can save an additional $30 by using the promo code BFEDY2A33, and more importantly, you'll get a free Kingston NV3 1TB hard drive with the order. That's a PCIe 4.0 SSD that normally costs $90.

Read more
This Asus laptop with Copilot+ is $350 off at Best Buy
Asus Vivobook S 15 CoPilot+ front view showing display and keyboard.

You can do quite a bit of gaming on the go these days, thanks to all the handheld consoles and gaming laptops that are on the market. Regarding the latter, we’re always on the lookout for top discounts on the gaming gear we all want to own, which leads us to this wonderful discovery:

For a limited time, when you purchase the Asus Vivobook S 15 with Copilot+ at Best Buy, you’ll pay $550. At full price, this model sells for $900. We tested this PC earlier this year, and our reviewer said the following: “The Asus Vivobook S15 is the best large-display Copilot+ laptop so far in an old-school form factor.”

Read more
This gorgeous Mac mini hub exacerbates the power button placement problem
M4 Mac mini with Satechi hub on a desk.

Satechi, known for its high-quality tech accessories, is updating its Mac mini hub for the new M4 model. Like previous hubs, it allows Mac mini owners to expand their storage and ports while preserving airflow, wireless signal, and performance. It looks awesome, but this time, the design highlights the problematic nature of the new Mac mini's placement of its power button.

With previous Mac mini models, the power button was at the back, making it easily accessible even when it was in a Satechi hub. The new button placement on the bottom of the PC, however, may prove even more annoying for anyone who wants to buy this accessory.

Read more