Adobe releases another Emergency Security Patch for Flash Player
Feb 22, 2014
Security Firm FireEye has uncovered yet another critical zero-day vulnerability in widely used Adobe Flash Software and Adobe has been forced to issue a second emergency patch update in less than a month. All versions of Adobe Flash Player released before today's patch are vulnerable to the zero-day exploit and the patch addresses a critical vulnerability CVE-2014-0502 , being used in a watering hole attack -dubbed " Operation Greedywonk", that allows attackers to remotely take control of infected systems. The vulnerability affects the latest versions of Flash, is reported to be targeting the websites of three non-profit institutions, being redirected to an malicious server hosting the zero-day exploit. " Visitors to the Peter G. Peterson Institute for International Economics (www.piie[.]com) were redirected to an exploit server hosting this Flash zero-day through a hidden iframe ." FireEye said. Security updates tackle a number of flaws includi...
