Adobe has issued a patch for a type ‘confusion’ bug, which could affect users of Flash. It was discovered on November 15 by Israeli-based researcher, Gil Dabah.
What does this mean for users?
Microsoft issued a Security Advisory with an explanation of how an attacker could exploit these vulnerabilities using Adobe Flash.
In a web-based attack scenario where the user is using Internet Explorer for the desktop, an attacker could host a specially crafted website that is designed to exploit any of these vulnerabilities through Internet Explorer and then convince a user to view the website.
There is a lot more. If you want to read a fuller explanation of what this bug might do, go to the Security Update Guide details.
Microsoft has also issued a workaround that will block attack vectors for those who haven’t installed the patch yet.
Prevent Adobe Flash Player from running You can disable attempts to instantiate Adobe Flash Player in Internet Explorer and other applications that honor the kill bit feature, such as Office 2007 and Office 2010, by setting the kill bit for the control in the registry.
You can read how to change your machine’s configuration in more detail by following the same Security Update Guide link above.
Check out Bitdefender for all your security needs
Speaking of security vulnerabilities, one way to make sure you are safe when you are online is to use a great antivirus program. And one of the best cybersecurity programs on the market today is Bitdefender Total Security.
More good news. At the time of writing this, if you buy Bitdefender today, there is a 35% discount. If you need more, you can read Milan’s full review of Bitdefender.
No need to panic
Note that for the bug to work, it needs users to take some form of action. If you receive any dodgy-looking attachments, or links in an email or via Instant Messenger, do not open or click. As long as you don’t click, you should be fine.
The good news is that users do not need to do anything special. Adobe has said that Google Chrome, macOS, Linux, Edge, and Internet Explorer 11 will all be updated automatically.
RELATED POSTS TO CHECK OUT: