Security updates for Flash Player on Windows, macOS, Linux, and Chrome OS were released by Adobe yesterday on Patch Tuesday. The vulnerabilities discovered were found in Flash Player 188.8.131.52, which had two bugs (CVE-2019-8070 & CVE-2019-8069), and were released with a priority level of two, and a DLL hijacking bug (CVE-2019-8076), which was released with a priority level three on Windows OS. The two flaws in Flash Player 184.108.40.206 are use-after-free issues that could have possibly allowed unauthorized users to execute arbitrary code on a targeted user’s machine. Researchers stated that they believed the execution of the vulnerabilities would have been a daunting task which is why they received a low priority rating. As for the DLL hijacking bug, if exploited, attackers would have access to the user’s system by executing arbitrary code through the Adobe Application Manager installer. “This vulnerability exclusively impacts the installer used with the Adobe Application Manager. CVE-2019-8076 does not impact the existing Application Manager, and there is no action for a customer running earlier versions,” stated the security advisory.
With all the news around COVID-19/Coronavirus, the average person is turning to the internet for