lördag 12 mars 2016

Proaktivt skydd mot nya säkerhetshål i Adobe Flash och Acrobat Reader

Zscaler har proaktivt utvecklat skydd för attacker mot de 17 sårbarheter som presenterades i Adobe's security bulletins i mars. Det avancerade skyddslagret används för att blockera zero-day-hot som utnyttjar nyupptäckta sårbarheter och inkluderas i Zscaler Advanced Behavioral Analysis.




WeClouds webbsäkerhetslösning från Zscaler analyserar allt innehåll i den data som hämtas från webben och bedömer det genom flera olika analyser, jämförelser och beteendeanalyser. Skanningen av http/https sker i realtid och skyddar användare och system oavsett var de kopplat upp sig genom att styra trafiken via någon av skannings-noderna i det globala säkerhetsnätverket.



APSB15-32Security updates available for Flash Player
Severity: Critical

Affected Software
  • Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier
  • Adobe Flash Player Extended Support Release 18.0.0.261 and earlier
  • Adobe Flash Player for Google Chrome 19.0.0.245 and earlier
  • Adobe Flash Player for Microsoft Edge and Internet Explorer 11 19.0.0.245 and earlier
  • Adobe Flash Player for Internet Explorer 10 and 11 19.0.0.245 and earlier
  • Adobe Flash Player for Linux 11.2.202.548 and earlier
  • AIR Desktop Runtime 19.0.0.241 and earlier
  • AIR SDK  19.0.0.241 and earlier
  • AIR SDK & Compiler 19.0.0.241 and earlier
  • AIR for Android  19.0.0.241 and earlier
CVE-2015-8655 – Flash Player Use-After-Free Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis

Description: Adobe has released security updates for Adobe Flash Player.  These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

APSB16-08Security updates available for Flash Player
Severity: Critical

Affected Software
  • Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier
  • Adobe Flash Player Extended Support Release 18.0.0.329 and earlier
  • Adobe Flash Player for Google Chrome 20.0.0.306 and earlier
  • Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier
  • Adobe Flash Player for Internet Explorer 11 20.0.0.306 and earlier
  • Adobe Flash Player for Linux 11.2.202.569 and earlier
  • AIR Desktop Runtime 20.0.0.260 and earlier
  • AIR SDK  20.0.0.260 and earlier
  • AIR SDK & Compiler 20.0.0.260 and earlier
  • AIR for Android  20.0.0.233 and earlier
CVE-2016-0961 – Flash Player Memory Corruption Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-0962 – Flash Player Memory Corruption Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-0963 – Flash Player Integer Overflow Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-0986 – Flash Player Memory Corruption Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-0987 – Flash Player Use-After-Free Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-0988 – Flash Player Use-After-Free Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-0989 – Flash Player Memory Corruption Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-0990 – Flash Player Use-After-Free Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-0991 – Flash Player Use-After-Free Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-0993 – Flash Player Integer Overflow Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-0994 – Flash Player Use-After-Free Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-0995 – Flash Player Use-After-Free Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-0996 – Flash Player Use-After-Free Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-1001 – Flash Player Heap Overflow Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2016-1010 – Flash Player Integer Overflow Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis

Description: Adobe has released security updates for Adobe Flash Player.  These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

APSB16-09Security updates available for Acrobat Reader
Severity: Critical

Affected Software
  • Acrobat DC Continuous 15.010.20059 and earlier
  • Acrobat Reader DC Continuous 15.010.20059 and earlier      
  • Acrobat DC Classic 15.006.30119 and earlier
  • Acrobat Reader DC Classic 15.006.30119 and earlier              
  • Acrobat XI Desktop 11.0.14 and earlier
  • Reader XI Desktop 11.0.14 and earlier
CVE-2016-1007 – Acrobat Reader Memory Corruption Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis

Description: Adobe has released security updates for Adobe Acrobat and Reader for Windows and Macintosh. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.


www.wecloud.se
info@wecloud.se