Adobe Flash Player 18.104.22.168 Patched A Vulnerability – Is It Still Worth It?
We know that Adobe started losing users’ confidence because of the tones of vulnerabilities which are causing the Flash Player to crash or to be exploited in the wild. The developers are busy working on updates which prevent hackers from taking control of the affected devices, and recently, they’re released version 22.214.171.124, which patched an exploit for CVE-2015-7645.
Every computer connected to the internet must be protected with an antivirus program. The users are visiting lots of pages, but they need to install a plugin for viewing multimedia, executing rich Internet applications, or streaming video/audio files and Adobe Flash Player is the most used player because it’s compatible with a variety of browsers, including Firefox, Chrome, Opera, Safari or IE. It’s indicated to install Flash Player because it doesn’t consume the computer’s resources or internal space, it lacks a dedicated interface, but it can read nearly all animations and effects embedded into websites.
It’s recommended to update it when a new version is released, because it comes with bug fixes and other improvements and it’s absolutely mandatory to get the latest 126.96.36.199 version which addresses a vulnerability which was exploited by Pawn Storm, which is a Russian espionage group. The hackers used the CVE-2015-7645 vulnerability in order to attack foreign affairs ministries from all over the world, and Adobe needed to take measures as soon as possible. Though the developers promised to release the update this week, they managed to pull it off earlier, delivering the update on Friday.
So, the Windows and Mac users are advised to upgrade to version 188.8.131.52 (15.9 MB), while the Linux users must get the version 184.108.40.2060, because both updates are addressing two other vulnerabilities – CVE-2015-7647, which allowed attackers to “execute arbitrary code by leveraging an unspecified <<type confusion>>, a different vulnerability than CVE-2015-7648”; and CVE-2015-7648, which is different than CVE-2015-7647.