123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

Adobe's Releases Out-of-cycle Update To Address Cross-site Scripting Vulnerability In Flash Player

Profile Picture
By Author: eccuni
Total Articles: 211
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

Cybercriminals constantly strive to identify and exploit security flaws in software products. Recently, Adobe released an out-of-cycle security update for Flash Player to mitigate a universal cross-site scripting flaw, which attackers are reportedly exploiting in the wild. The vendor has rated the vulnerability as important. Adobe rates those vulnerabilities as important, which enable attackers to compromise data, allow unauthorized access to confidential information, or compromise processing resources on a victim’s computer system. In this case, attackers entice users to click on a malicious link delivered in a specially crafted e-mail. The purpose of the attack is to steal log in credentials of online accounts. Usually, attackers use the extracted information to gain unauthorized access to online accounts or e-mail service on behalf of the user. In this case, attackers are reportedly exploiting the automatic forwarding feature in Gmail accounts, to gain unauthorized access. When users click on the given link and visit a malicious website, while still being logged on to e-mail account, the attackers address is added to ...
... the user's account. Attackers may come up with different variants and also target other web mail services.

The security update applies to Flash Player 10.3.181.16 and prior versions for Windows, Macintosh, Linux and Solaris users. Google has updated Chrome stable channel to provide protection against the latest vulnerability. The zero-day vulnerability also affects Flash Player 10.3.185.22 and prior versions for Android. The vendor expects to deliver a Flash player update for Android users in the coming days.

Adobe products are one of the popular targets of cybercriminals. Software products are prone to vulnerabilities caused by programming errors, human error, and wrong assumptions on user usage and environment among others. Usually, professionals qualified in penetration testing test the strength of the products and identify vulnerabilities. In this case, security researchers at Google identified and alerted Adobe on the vulnerability.

Security researchers have advised users to immediately update to the latest version to prevent attackers from exploiting the vulnerability. Users must verify the authenticity of the e-mails, before disclosing any information. They must avoid clicking on suspicious links in e-mails and those coming from dubious sources. Attackers may send specially crafted e-mails with enticing subject lines. E-mails arriving from scammers may also contain attachments. Users must be wary of downloading e-mail attachments arriving from unknown sources, attachments with suspicious file names, with risky extensions, and files with double extensions.

Attackers are allegedly actively exploiting the vulnerability by launching target-based attacks. Targeted attacks on employees of an organization may lead to disclosure of privileged information. Employees may open files or click on links in e-mails, as they appear to come from a legitimate source, and inadvertently provide unauthorized access to corporate accounts. Security blogs, e-learning and online computer degree programs may help employees to gain insights on latest security threats, precautionary measures and security guidelines.

Professionals qualified in IT masters degree or computer science degree may facilitate timely identification and application of requisite security updates. Developers must regularly evaluate software products to detect and mitigate security flaws.

Professionals may benefit from online technology degree programs to get acquainted with latest technological developments and bring improvements in software products.

Total Views: 358Word Count: 529See All articles From Author

Add Comment

Computers Articles

1. 00al556 Ibm 550-watts Platinum Power Supply For X3650 M4: Reliable And Energy-efficient Power For Enterprise Servers
Author: Server Tech Central

2. Iot Identity And Access Management (iam) Market : Driving Secure Innovation In Connected Ecosystems
Author: Umangp

3. Why Should You Plan Blinkit Onboarding Before Market Expansion And How Can Zane Marketing Help You Grow Faster
Author: Zane Marketing

4. Customer Identity And Access Management (ciam) Market : Strengthening Security And Customer Trust
Author: Umangp

5. How To Start Your Website Redesign Project?
Author: brainbell10

6. Sap Compliance In Manufacturing: Closing The Gaps Grc Leaves Behind
Author: Mansoor Alam

7. Speech Analytics Market : Unlocking Actionable Insights From Customer Conversations
Author: Umangp

8. Data Preparation Tools Market: How Ai And Cloud-based Solutions Are Transforming Modern Data Workflows
Author: Umangp

9. How To Setup And Create Instagram Ads?
Author: brainbell10

10. Why Digital Business Cards Are The Future Of Professional Networking
Author: WhyTap

11. End To End Sataware Product Development Is The Process Of Identifying Market Opportunities To Hire Flutter Developer, Connecting User Needs And Requir
Author: brainbell10

12. Dynamics Nav To Business Central Upgrade Guide
Author: brainbell10

13. Data Governance Framework: Building Trust In The Digital Age
Author: Umangp

14. A Complete Guide To Dynamics 365 Warehouse Management
Author: brainbell10

15. Conversational Ai In Intelligent Contact Centers: Market Outlook And Future Growth To 2028
Author: Umangp

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: