Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Adobe Patches Pawn Storm Zero-Day Ahead Of Schedule
Critical bug wasn't expected to be fixed until next week.
1 Min Read
Adobe has released a patch for CVE-2015-7645, the Flash zero-day that the Pawn Storm cyber-espionage gang has been using to attack foreign ministries across the globe. Adobe initially stated in an advisory Wednesday that it did not expect to have a patch available until next week.
CVE-2015-7645 is a critical vulnerability affecting Adobe Flash versions 19.0.0.207 and earlier for Windows, Mac, and Linux. It allows remote attackers to execute arbitrary code via a specially crafted SWF file, and is rated a 9.3 on the CVSS scale -- 10 for impact, but only 8.6 for exploitability.
The security updates released by Adobe today also patch two other vulnerabilities, CVE-2015-7647 and CVE-2015-7648, that could lead to code execution. No further details about those two bugs have yet been published.
See the Adobe bulletin for more.
Read more about:
2015About the Author
You May Also Like
More Insights
_santoelia_Alamy.jpg?width=700&auto=webp&quality=80&disable=upscale)