Flash plugin 0-day vulnerability in the wild
T.C. Hollingsworth
tchollingsworth at gmail.com
Sat Jan 24 00:22:16 UTC 2015
FYI:
---------- Forwarded message ----------
From: Martin Stransky <stransky at redhat.com>
Date: Fri, Jan 23, 2015 at 2:51 AM
Subject: Flash plugin 0-day vulnerability in the wild
To: Development discussions related to Fedora <devel at lists.fedoraproject.org>
Folk,
There's a live 0-day flash vulnerability which is not fixed yet
[1][2]. If you use flash plugin I recommend you to enable the
click-to-play mode for it.
There's also a Fedora Firefox update with such change [3].
ma.
[1] https://isc.sans.edu/diary/Flash+0-Day+Exploit+Used+by+Angler+Exploit+Kit/19213
[2] http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html
[3] https://bugzilla.redhat.com/show_bug.cgi?id=1185241
--------------------------------------
If you have SELinux enforcing in its default configuration you should
be safer, since it limits the abilities of Firefox plugins.
See the full thread for more information:
https://lists.fedoraproject.org/pipermail/devel/2015-January/206997.html
http://thread.gmane.org/gmane.linux.redhat.fedora.devel/203965
More information about the users
mailing list