Adobe Releases Another Emergency Update for Flash

MacRumors · Feb 20, 2014

Adobe today released a second security update for its Adobe Flash Player software on both Mac and Windows, addressing a threat that could allow an attacker to take control of an affected system, executing malicious code. The vulnerability (CVE-2014-0502) allowed attackers to compromise at least three nonprofit organizations according to security firm FireEye (via ArsTechnica).

This threat actor clearly seeks out and compromises websites of organizations related to international security policy, defense topics, and other non-profit sociocultural issues. The actor either maintains persistence on these sites for extended periods of time or is able to re-compromise them periodically.

This actor also has early access to a number of zero-day exploits, including Flash and Java, and deploys a variety of malware families on compromised systems. Based on these and other observations, we conclude that this actor has the tradecraft abilities and resources to remain a credible threat in at least the mid-term.

Today's update follows a critical security update that was released just over two weeks ago, fixing the same zero-day vulnerability giving hackers complete control over compromised systems.

The vulnerability affects all Macs with Adobe Flash Player versions before 12.0.0.70 and Adobe recommends all users update their products to the latest of Flash. Adobe maintains a site where users can check the version of Flash installed and the up-to-date Flash software can be downloaded from Adobe's website.

Article Link: Adobe Releases Another Emergency Update for Flash

musika · Feb 20, 2014

A secure platform wouldn't need these emergency updates.

C DM · Feb 20, 2014

musika said:
A secure platform wouldn't need these emergency updates.

And what platform is (or even could be) secure?

akm3 · Feb 20, 2014

C DM said:
And what platform is (or even could be) secure?

Pong.

Nyy8 · Feb 20, 2014

It seems Adobe always has to make updates to Flash, almost bi-weeky.

Poor Adobe.

nwcs · Feb 20, 2014

I think I just heard the ghost of Steve Jobs say, "bag of hurt."

5t3f4n · Feb 20, 2014

>having Flash installed
>2014

BigBeast · Feb 20, 2014

musika said:
A secure platform wouldn't need these emergency updates.

Let me know when you write a program that spans millions of lines of code that you think is completely logically sound. Next, upload it and let thousands of people debug it. Afterward, try to determine where you messed up, and then go through all that code and figure out how to fix the error, followed by the one or more errors created due to the error you fixed. Have fun!

Gudi · Feb 20, 2014

I don't care about security. All I want from Flash is massively lowered CPU usage.

C DM · Feb 20, 2014

akm3 said:
Pong.

That's a platform?

CrickettGrrrl · Feb 20, 2014

Okay, this confuses me:

The vulnerability affects all Macs with Adobe Flash Player version 12.0.0.70 and earlier

I just updated from 12.0.0.44 to 12.0.0.70 and cannot update further.

tokolo · Feb 20, 2014

Just kill the damn thing Adobe.

jayducharme · Feb 20, 2014

Funny -- two weeks ago I posted about how I had just had to update Flash two weeks previous to that. This is becoming a habit.

John.B · Feb 20, 2014

<smh>

scaredpoet · Feb 20, 2014

CrickettGrrrl said:
Okay, this confuses me:

I just updated from 12.0.0.44 to 12.0.0.70 and cannot update further.

Same here. The current download page of Flash (even linked from the article) lists 12.0.0.70 as current.

justinfreid · Feb 20, 2014

Error in the article?

According to the linked site, 12.0.0.70 is the most recent version.
Does that include the fix?

adm58 · Feb 20, 2014

CrickettGrrrl said:
Okay, this confuses me:

I just updated from 12.0.0.44 to 12.0.0.70 and cannot update further.

Same. I think the article is mistaken. Adobe's page lists .70 as the current version.

lincolntran · Feb 20, 2014

CrickettGrrrl said:
Okay, this confuses me:

I just updated from 12.0.0.44 to 12.0.0.70 and cannot update further.

Too funny!

taptic · Feb 20, 2014

All I can say is lol.

kwokaaron · Feb 20, 2014

Here we go again...

D.T. · Feb 20, 2014

C DM said:
That's a platform?

ardchoille50 · Feb 20, 2014

I don't know who controls the macrumors bot, but thank you very much for posting news items.

Skika · Feb 20, 2014

5t3f4n said:
>having Flash installed
>2014

meme arows outside of 4chan

Shiggy diggy

pubwvj · Feb 20, 2014

It would be wiser to uninstall Flash than to upgrade.

SoAnyway · Feb 20, 2014

Not again....

Adobe Releases Another Emergency Update for Flash

macrumors bot

macrumors 65816

macrumors Sandy Bridge

macrumors 68020

macrumors 6502a

macrumors 68030

macrumors regular

macrumors 6502a

Suspended

macrumors Sandy Bridge

macrumors 6502a

macrumors newbie

macrumors 601

macrumors 601

macrumors 604

macrumors 6502a

macrumors regular

macrumors 6502a

macrumors 65816

macrumors 6502a

macrumors G4

macrumors 68020

macrumors 68030

macrumors 68000

macrumors 6502

Our Staff