Posted on: February 02, 2015 View Alerts

Systems Affected

Overview

A critical vulnerability (CVE-2015-0313) exists in Adobe Flash Player which could cause a crash and potentially allow an attacker to take control of the affected system.

Description

A critical vulnerability exists in Adobe Flash Player 16.0.0.296 and earlier versions for Windows and Macintosh. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below.

CVE Reference: CVE-2015-0313

Suggested Action

Adobe is expected to release an updated version of Flash later this week. Administrators should prioritize implementation of this update when available.

References