Adobe has security measures in collaboration with Google added to Flash Player that should arm the video plug-in against new attacks. In recent months, several different zero-day vulnerabilities found in Flash Player that allows Internet users were attacked.
In this case there was no update available before the attacks took place. In addition, there were dozens of other vulnerabilities discovered in the software that could give an attacker access to computers. A number of these leaks, after the appearance of the update also be used for users of attacks. In this case it was users who did not install the update. A large proportion of the vulnerabilities in Adobe fixes Flash Player detected by Google. The reason is that Google Chrome has an embedded Flash Player. Vulnerabilities in Flash Player can consequently affect Chrome users. In addition, Google has a separate team of hackers that focuses on researching and safer popular software, such as Flash Player.
In addition to reporting new vulnerabilities Google therefore contributes to security. Measures to make it more difficult for attackers to attack vulnerabilities. Along with these measures now from Adobe Adobe Flash Player version 18.0.0.209 implemented. Thus, for example, the memory locations of Flash Player made more random. Because these locations were previously predictable, an attacker could easily use it here. "We think we have put a great step forward when it comes to the security of Flash, but we're not done yet," said Chris Evans of Google.
He stressed that will find a way for every defensive measure attackers to bypass it. "It's a cat-and-mouse game." Evans stressed that the new security measures are effective in 64-bit versions of Flash Player. Users also are advised to upgrade to a 64-bit version of both their browser and Flash Player.
No comments:
Post a Comment