"Stealth" Update for Flash from Adobe

Published: 2015-01-24
Last Updated: 2015-01-25 02:58:36 UTC
by Johannes Ullrich (Version: 1)
9 comment(s)

[Update] Adobe now updated it's advisory and confirmed that version fixes the o-day vulnerability (CVE-2015-0311). [2][3]

Adobe apparently just released Flash version There is nothing on Adobe's website if this is a patch. As a matter of fact, Adobe still lists as the most recent version [1]. You can download if you manually check for updates using Flash.

This article will be updates as we learn more. I have NO IDEA if this new version fixes the current vulnerability, but given that this is a surprise weekend release, chances are that it was released in response to the vulnerability. Apply this update at your own risk.

Thanks to Christopher for noticing!

[1] http://www.adobe.com/software/flash/about/

[2] http://helpx.adobe.com/security/products/flash-player/apsa15-01.html

[3] http://blogs.adobe.com/psirt/?p=1160

Johannes B. Ullrich, Ph.D.

9 comment(s)


Diary Archives