måndag 2 november 2015

Flera nya sårbarheter i Adobe Flash

Under fredagen den 27:e oktober erkändes flera nya sårbarheter i Adobe Flash. Zscaler har proaktivt utvecklat skydd för attacker mot nya sårbarheter i Adobe Flash. Det avancerade skyddslagret används för att blockera zero-day-hot som utnyttjar nyupptäckta sårbarheter och inkluderas i Zscaler Advanced Behavioral Analysis.


WeClouds webbsäkerhetslösning från Zscaler analyserar allt innehåll i den data som hämtas från webben och bedömer det genom flera olika analyser, jämförelser och beteendeanalyser. Skanningen av http/https sker i realtid och skyddar användare och system oavsett var de kopplat upp sig genom att styra trafiken via någon av skannings-noderna i det globala säkerhetsnätverket.

APSB15-25Security updates available for Adobe Flash Player
Severity: Critical

Affected Software
  • Adobe Flash Player Desktop Runtime 19.0.0.185 and earlier
  • Adobe Flash Player Extended Support Release 18.0.0.241 and earlier
  • Adobe Flash Player for Google Chrome 19.0.0.185 and earlier
  • Adobe Flash Player for Microsoft Edge and Internet Explorer 11 19.0.0.185 and earlier
  • Adobe Flash Player for Internet Explorer 10 and 11 19.0.0.185 and earlier
  • Adobe Flash Player for Linux 11.2.202.521 and earlier
  • AIR Desktop Runtime 19.0.0.190 and earlier
  • AIR SDK 19.0.0.190 and earlier
  • AIR SDK & Compiler 19.0.0.190 and earlier 
CVE-2015-7627 – Flash Player Memory Corruption Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-7631 – Flash Player Use After Free Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-7632 – Flash Player Buffer Overflow Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-7633 – Flash Player Memory Corruption Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis

Description: Critical vulnerabilities have been identified in Adobe Flash Player. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.

APSB15-27Security updates available for Adobe Flash Player
Severity: Critical

Affected Software
  • Adobe Flash Player Desktop Runtime 19.0.0.226 and earlier
  • Adobe Flash Player Extended Support Release 18.0.0.255 and earlier
  • Adobe Flash Player for Google Chrome 19.0.0.226 and earlier
  • Adobe Flash Player for Microsoft Edge and Internet Explorer 11 19.0.0.225 and earlier
  • Adobe Flash Player for Internet Explorer 10 and 11 19.0.0.226 and earlier
  • Adobe Flash Player for Linux 11.2.202.540 and earlier
CVE-2015-7645 – Flash Player Type Confusion Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis

Description: Critical vulnerabilities have been identified in Adobe Flash Player. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.

www.wecloud.se
info@wecloud.se