- Staff
- #1
- 55,560
- 23,825
For the second time in two months, adobe confirms zero day bug
For the second time in the last four weeks, Adobe has told users that hackers are exploiting an unpatched bug in Flash Player, again by embedding malicious code inside a Microsoft Office document.
In a security advisory issued Monday, Adobe said that attackers are exploiting the vulnerability by embedding Flash attack files within a Microsoft Word document sent as an email attachment.
Adobe did not spell out a patch timeline for the newest Flash zero-day. Four weeks ago, Adobe issued a similar warning about a different flaw that hackers manipulated via attack code tucked inside Excel spreadsheet attachments.
Later, RSA Security confirmed that the March vulnerability had been used by cybercriminals to gain a foothold on its corporate network, then steal information related to the company's SecurID two-factor authentication products.
For the second time in the last four weeks, Adobe has told users that hackers are exploiting an unpatched bug in Flash Player, again by embedding malicious code inside a Microsoft Office document.
In a security advisory issued Monday, Adobe said that attackers are exploiting the vulnerability by embedding Flash attack files within a Microsoft Word document sent as an email attachment.
Adobe did not spell out a patch timeline for the newest Flash zero-day. Four weeks ago, Adobe issued a similar warning about a different flaw that hackers manipulated via attack code tucked inside Excel spreadsheet attachments.
Later, RSA Security confirmed that the March vulnerability had been used by cybercriminals to gain a foothold on its corporate network, then steal information related to the company's SecurID two-factor authentication products.