Friday, May 2, 2025
HomeCVE/vulnerabilityBeware!! New Zero-day Vulnerability Found in Adobe Flash Player - Still No...

Beware!! New Zero-day Vulnerability Found in Adobe Flash Player – Still No Patches Available

Published on

SIEM as a Service

Follow Us on Google News

Adobe Flash Player now suffering from brand New Zero-day vulnerability with high severity rate and researchers believes that it cause a Severe impact on ActiveX Support browsers which leads to compromise the Windows PC.

Zero-day vulnerabilities are referred to attacks on vulnerabilities that have not been patched or made public.

This critical Zero-day vulnerability is presenting in current Adobe Flash Player ActiveX 28.0.0.137 and earlier versions.

- Advertisement - Google News

In this case, this major Zero-day flaw mainly spreading via Microsoft office document or spam mail that contain a Malicious flash file.

South Koren Cyber Emergency Response Team(KR-CERT) Released Emergency notes that says, “This vulnerability only on user’s who all are using Internet Explorer (IE) be influenced chrome (chrome) until a patch is available using Firefox (FireFox) is recommended”

Security Researcher from Hauri, Inc.said, “Flash 0day vulnerability that made by North Korea used from mid-November 2017. They attacked South Koreans who mainly do research on North Korea.”

Adobe users have to beware of this severe Zero-day Until Adobe releases the security patch for this Vulnerability.

Also Read: Security Bug Affected 300,000 Oracle Point of Sale Systems Puts the Critical Business Data at Risk

Temporary Mitigation for this Zero-day Vulnerability

  • Remove the flash player from computer Until Adobe releases a security patch for the vulnerability.
  •  do not trust the website Scion visits and the source does not open an unknown email attachment viewing prohibited and links
  • keep the latest updates of antivirus programs, and enable real-time monitoring
  • Use Firefox  until a patch is available
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Managing Shadow IT Risks – CISO’s Practical Toolkit

Managing Shadow IT risks has become a critical challenge for Chief Information Security Officers...

Application Security in 2025 – CISO’s Priority Guide

Application security in 2025 has become a defining concern for every Chief Information Security...

Preparing for Quantum Cybersecurity Risks – CISO Insights

Quantum cybersecurity risks represent a paradigm shift in cybersecurity, demanding immediate attention from Chief...

Securing Digital Transformation – CISO’s Resource Hub

In today’s hyper-connected world, securing digital transformation is a technological upgrade and a fundamental...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Netgear EX6200 Flaw Enables Remote Access and Data Theft

Security researchers have disclosed three critical vulnerabilities in the Netgear EX6200 Wi-Fi range extender...

Tesla Model 3 VCSEC Vulnerability Lets Hackers Run Arbitrary Code

A high security flaw in Tesla’s Model 3 vehicles, disclosed at the 2025 Pwn2Own...

Apache ActiveMQ Vulnerability Lets Remote Hackers Execute Arbitrary Code

A high vulnerability in Apache ActiveMQ’s .NET Message Service (NMS) library has been uncovered,...