美国安全公司Fireeye在调查APT3黑客小组钓鱼行动时发现Adobe Flash Player零日漏洞。
Fireeye在两周前将该漏洞报告给Adobe,Adobe确认后为此紧急推出新版本(v18.0.0.194)修复该漏洞。
受该漏洞影响的Flash Player版本有:Windows和OS X版的Adobe Flash Player 18.0.0.161及早期版本,Linux版的Flash Player 11.2.202.466及早期版本, Flash Player扩展支持版13.0.0.292 及早期版本。
由于Windows 8系统内置了Flash Player,所以微软也立刻推出了KB3074219补丁修复漏洞,该补丁适用于:
Windows RT 8/8.1
Windows 8/8.1
Windows 8/8.1 企业版
Windows 8/8.1 专业版
Windows Server 2012/2012 R2 Datacenter
Windows Server 2012/2012 R2 Essentials
Windows Server 2012/2012 R2 Foundation
Windows Server 2012/2012 R2 Standard
由于该漏洞已经被黑客利用,所以用户们应该尽快安装该补丁修复漏洞,安装补丁后需要重启生效。
开启自动更新的用户系统将会自动进行安装该补丁,用户也可手动下载该补丁进行安装,Update for Internet Explorer Flash Player:
Update for Internet Explorer Flash Player for Windows 8.1 (KB3074219)
Download the Windows8.1-KB3074219-x86.msu package now.
Update for Internet Explorer Flash Player for Windows 8.1 x64-based systems (KB3074219)
Download the Windows8.1-KB3074219-x64.msu package now.
Update for Internet Explorer Flash Player for Windows 8 (KB3074219)
Download the Windows8-RT-KB3074219-x86.msu package now.
Update for Internet Explorer Flash Player for Windows 8 x64-based systems (KB3074219)
Download the Windows8-RT-KB3074219-x64.msu package now.
Update for Internet Explorer Flash Player for Windows Server 2012 (KB3074219)
Download the Windows8-RT-KB3074219-x64.msu package now.
Update for Internet Explorer Flash Player for Windows Server 2012 R2 (KB3074219)
Download the Windows8.1-KB3074219-x64.msu package now.