Home Hacking Team leak exposes zero-day vulnerability in Flash
News

Hacking Team leak exposes zero-day vulnerability in Flash

Ben Funk
Disclosure
Disclosure
In our content, we occasionally include affiliate links. Should you click on these links, we may earn a commission, though this incurs no additional cost to you. Your use of this website signifies your acceptance of our terms and conditions as well as our privacy policy.

A recent leak of internal documents from gray-hat software developer Hacking Team has revealed another zero-day vulnerability in the Flash plugin. As Ars Technica reports, the vulnerability has been verified by anti-virus maker Symantec and is known to affect Internet Explorer, though Symantec believes it can affect Flash in other browsers, as well. If exploited, this vulnerability could allow an attacker to remotely execute code on a targed machine.

In Symantec's blog post on the topic, the company warns, "Given the source of the proof-of-concept code, it is possible that this vulnerability has already been exploited in the wild. Following its disclosure, it can be expected that groups of attackers will rush to incorporate it into exploit kits before a patch is published by Adobe." Ars says Adobe is aware of this vulnerability and plans to issue a patch on Wednesday. In the meantime, we concur with their advice to disable Flash if possible.

The Tech Report - Editorial ProcessOur Editorial Process

The Tech Report editorial policy is centered on providing helpful, accurate content that offers real value to our readers. We only work with experienced writers who have specific knowledge in the topics they cover, including latest developments in technology, online privacy, cryptocurrencies, software, and more. Our editorial policy ensures that each topic is researched and curated by our in-house editors. We maintain rigorous journalistic standards, and every article is 100% written by real authors.

Ben Funk

Ben Funk

Sega nerd and guitar lover