Adobe suffers from yet another remote-code execution in the plug-in.
The administrators and the users using the flash player from Adobe are advised to patch this issue as soon as possible to avoid any attack on the system through hackers.
Which Bug is Adobe Feeding
The bug which Adobe feeds is the CVE-2015-3113. It allows the attackers to take complete control of the system. The hackers are targeting the victims using Internet Explorer on the operating system of Windows 7 and Windows XP using Firefox. The attackers are sending spammed links in the emails to the victims, which are hosting Flash files of Adobe. This exploits the vulnerability and the victim, thinking it as an assured website, clicks the spammed link and invites the attackers to hack the system.
What is the Patch
The patch is extremely important to fix this bug as it will block the hackers to email you with spammed link. The patch for OS X and Windows will be the 18th version of Flash Player, which is 126.96.36.199. The updated version for Linux is 188.8.131.528 and in order to experience the extended support of this flash player, uses 184.108.40.2066. Users with Linux operating system are at lower risk than the Windows and Mac’s OS X.
Windows 8 and Chrome users will automatically receive a trusted link that will direct you to the updated version. The rest of the browsers must update their systems with the updated version to avoid any hassle.
What is the Security Fix
Adobe has credited FireEye to find out the bug and report it. The researchers have tried alternative solution to the patch which is known as dump Flash. This alternate option can be used by the users if they need to use Flash instead of updating to any other version temporarily.
As flash is required by every website’s webpage to stream the videos, it is better for updating the system to the latest version of Adobe Flash Player. The bug in this flash player comes with a zero day patch. Though you update it your system with all the necessary updates or anti-virus, the malware can easily sneak into your account and use the computer as if you are using it. As you are exposed to the bug even if you take every safety precaution, this type of issue is called a zero day patch and hence, the remote-code execution brings a little difficulty to Adobe.