Beware of New Flash Zero-Day CVE-2014-0502


   Adobe has just updated Flash Player for thesecond time this month, pushing out an emergency patch for an exploit  for CVE-2014-0502 exists in the wild ‍‍

   attack using Adobe Flash 0-day CVE-2014-0502

   The following versions and operating systems are affected:

   Adobe Flash Player and earlier versions for Windows and Macintosh

   Adobe Flash Player and earlier versions for Linux

   Adobe AIR and earlier versions for Android


   How can I prevent and mitigate against this attack?
   1 In case you are not sure which version of the Flash Player your system is running, you can download the latest version(version from Adobe’s own site

   2 Promptly upgrade your security software and enable the full protection feature

   3 Get rid of XP from your regular office computers (XP doen't support ASLR. This makes it much less safe than the latest Windows versions.)

   4 Make sure you still need Flash, because many websites no longer require Flash ,and then either uninstall it or apply this patch promptly.


   Baidu Antivirus customers are protected from this zero-day attack with the following detections:


   Baidu Antivirus official site:

   Baidu Antivirus official Facebook: