Adobe patches second Flash zero-day in 9 days

From InfoWorld: For the second time in nine days, Adobe on Tuesday patched a critical vulnerability in Flash Player that hackers were already exploiting.

Adobe also updated its popular Reader PDF viewer to quash 13 new bugs and several older ones the company had not gotten around to fixing.

The memory corruption vulnerability in Flash Player was pegged "critical" by Adobe, which said that the bug could "potentially allow an attacker to take control of the affected system" in an accompanying advisory. "There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages," the advisory added.

Adobe last issued an emergency update -- dubbed "out-of-band" -- on June 5, when it fixed a critical flaw that attackers were exploiting to steal Gmail login credentials.

Those attacks were different from the ones Google disclosed the week before, when it accused Chinese hackers of targeting specific individuals , including senior U.S. and South Korean government officials, anti-Chinese government activists and journalists, with messages that tried to trick them into entering their username and password on a fake Gmail login screen.

View: Article @ Source Site