Adobe Flash 0day proves, yet again, why this pile of insecure crap really must be put out of its misery.
Another emergency update for the Adobe Flash media player hardly qualifies as news these days. That it contains patches for no less than 18 vulnerabilities, all of them capable of remote code execution outcomes, doesn’t change that. The weaponisation of Adobe Flash has been an ongoing threat for far longer than we care to recall here at IT Security Thing; it’s just far too depressing when you consider that the damn thing is still alive.
However, we do feel honour bound to inform our readers that one of the vulnerabilities is weaponised and being actively exploited in the wild. While Adobe recommends that users update their product installations to the latest versions using the instructions referenced in security bulletin APSB16-08, here at IT Security Thing we recommend you simply nuke it and uninstall Adobe Flash as a priority.