Beware of New Flash Zero-Day CVE-2014-0502
Adobe has just updated Flash Player for thesecond time this month, pushing out an emergency patch for an exploit for CVE-2014-0502 exists in the wild
The following versions and operating systems are affected:
Adobe Flash Player 18.104.22.168 and earlier versions for Windows and Macintosh
Adobe Flash Player 22.214.171.1246 and earlier versions for Linux
Adobe AIR 126.96.36.1990 and earlier versions for Android
How can I prevent and mitigate against this attack?
1 In case you are not sure which version of the Flash Player your system is running, you can download the latest version(version 188.8.131.52) from Adobe’s own site
2 Promptly upgrade your security software and enable the full protection feature
3 Get rid of XP from your regular office computers (XP doen't support ASLR. This makes it much less safe than the latest Windows versions.)
4 Make sure you still need Flash, because many websites no longer require Flash ,and then either uninstall it or apply this patch promptly.
Baidu Antivirus customers are protected from this zero-day attack with the following detections:
Baidu Antivirus official site:http://antivirus.baidu.com
Baidu Antivirus official Facebook:https://www.facebook.com/BaiduAntivirusEN