Adobe issued another security update yesterday to address a type confusion vulnerability. The vulnerability (CVE-2018-15981) could allow remote code execution. An attacker could construct a malicious SWF file, host it on a website and then exploit any vulnerable visitor browsing the website. Following this, the vulnerability could allow the attacker to execute any command on the machine which includes downloading and installing malware. According to researchers, “The interpreter code of the Action Script Virtual Machine (AVM) does not reset a with-scope pointer when an exception is caught, leading later to a type confusion bug, and eventually to a remote code execution.”