Update: This vulnerability has now been patched. Original story below.
Another day, another critical vulnerability in Adobe Flash.
“This event was off the charts”
Gary Vaynerchuk was so impressed with TNW Conference 2016 he paused mid-talk to applaud us.
Today, just a day after the company released its regular security update, Adobe has confirmed it found a security flaw that affects every version of Flash for every system type: Windows, Mac and Linux.
Given the advisory number of CVE-2015-7645, the new flaw could allow an attacker to “crash and take control of the affected system.”
This exploit was first spotted by researchers at Trend Micro and is already being used in the wild in the form of spear phishing emails with subject lines related to the Russian conflict in Syria as a way to lure in users.
This is your friendly reminder that there’s no better time to uninstall Adobe Flash. It’s long overdue, and you’ll be able to get by without it just fine.
➤ CVE-2015-7645 [Adobe]