Adobe Flash Player Vulnerability – June 24, 2015

Adobe releases security patches for the Flash Player on regular basis. It is very important from a security perspective to apply these patches at the earliest possible opportunity.

These vulnerabilities could potentially allow a remote attacker to execute arbitrary code on the vulnerable hosts and take control of the affected systems.

Adobe Flash vulnerabilities have been the attack vector in many of the high profile compromises in the recent years and there are numerous Adobe Flash security exploits available in the wild.

Severity

High

Method of attack

When a user visits a compromised website that utilizes Adobe Flash, a remote code can be executed on the visitor’s system. The remote code can subsequently install other malicious codes on a visitor’s system. Please note that some legitimate sites could also be compromised and be used for launching Adobe Flash exploits without the site owners’ knowledge.

Affected systems

Windows, Macintosh and Linux systems running unpatched Adobe Flash.

Recommendations

  • Apply the latest Adobe Flash security patches:
    The best way to ensure the systems are protected against these vulnerabilities is to apply the latest Adobe Flash security patches.
  • Run up-to-date Anti-virus software:
    Running malware protection software blocks many of the exploits. However, anti-virus applications can not completely guarantee protection against all Adobe Flash exploits.
  • Stay current with all available security updates:
    Apply all available OS and application security updates.
  • Do not login with administrative privileges:
    Logon as a regular user to your laptop/desktop, rather than with admin privileges for normal daily tasks. This will reduce the potential impact if the system gets compromised.