Earlier this week we reported that after Adobe released its giant update for Flash and Reader, TrendMicro discovered a brand new zero-day exploit for Flash.  This exploit was actively being used on web sites to install malware on a victims computer.  This vulnerability is now labeled by Adobe as APSA15-05 and is cataloged as CVE-2015-7645. Adobe expects to release an update to patch this issue next week on October 19th.

This vulnerability allows attackers to take control over an exploited computer and there is no workaround other than to disable Flash on your computer.  If you do not require Flash, the safest bet will to be disable it in any browsers that you use.

 

Related Articles:

CosmicSting flaw impacts 75% of Adobe Commerce, Magento sites

FTC files complaint against Adobe for deceptive cancellation practices