Adobe fixes critical Flash Player bug that let attackers control affected PCs
Advertisement
Adobe Systems Inc released an update on Monday to its widely used Flash Player software to fix a bug that cybersecurity company Kaspersky Lab said had been exploited to attack visitors to a Syrian government website.
Adobe said in an advisory could allow attackers to "take control of affected computer systems."
It said it "is aware of reports that an exploit for CVE-2014-0515 exists in the wild, and is being used to target Flash Player users on the Windows platform."
Adobe has released updates to fix the bug for systems running on Microsoft Corp's Windows, Apple Inc's Mac and Linux operating systems.
The security bulletin by Adobe specified the security updates released were for Adobe Flash Player 13.0.0.182 and earlier versions for Windows, Adobe Flash Player 13.0.0.201 and earlier versions for Macintosh and Adobe Flash Player 11.2.202.350 and earlier versions for Linux.
Advertisement
Moscow-based Kaspersky Lab said on its blog that it learned in mid-April that a Syrian Justice Ministry website, that serves as an online forum for citizen complaints had been compromised. No attacks on other websites have been reported as a result of the Flash bug.
"We believe the attack was designed to target Syrian dissidents complaining about the government," Kaspersky Lab researcher Vyacheslav Zakorzhevsky said in the blog post.
Advertisement
Kaspersky described the attack as a "watering-hole" campaign. In such attacks, hackers infect websites frequented by individuals whose computers they are looking to compromise. When they visit the tainted site, their systems become infected.
Edited by NDTV staff from original story by Reuters
For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.
Advertisement