Patch Adobe Flash on Windows Now: Critical Zero-Day Vulnerability Found
February 19th, 2019
From ZDNet:
"Advanced hackers have demonstrated that you really don't need browsers to exploit Flash Player vulnerabilities on Windows. Office does the job just fine.
"Adobe has released an update to address a critical flaw affecting Flash Player that is actively being exploited, otherwise known as a zero-day flaw.
"Adobe is urging users to update from Adobe Flash Player 29.0.0.171 to the patched version, 30.0.0.113. It also addresses three other flaws.
"An exploit for the flaw, CVE-2018-5002, is stealthily delivered in emailed Excel attachments using a novel technique designed to minimize the risk of detection by antivirus and frustrate forensic analysis."
Source: ZDNet