Adobe has fixed another critical vulnerability in Flash Player

Thursday, October 15, 2020, 3:23 GMT

Adobe has patched only one crucial bug in its products this month as part of Patch Tuesday-a loophole in the Flash Player.

image source: Adobe.com

The issue has been defined by the CVE-2020-9746 identifier and is linked to null pointer dereferencing. Adobe engineers claim that successful exploitation of this flaw could cause the software to crash and could be used in the current user’s environment to execute arbitrary code.

It is also noted, however, that attacking this weakness is not so easy. The truth is that the attacker would need to insert a malicious sequence into the HTTP response for this, which is transmitted by default when the user enters the site via TLS / SSL. The business does not, however, expect hackers to exploit this flaw any time soon.

Issue CVE-2020-9746 has been patched for Windows , MacOS , Linux, and Chrome OS with Flash Player update 32.0.0.445.

Let me remind you that Adobe Flash Player support will officially be discontinued on December 31st, 2020, after which it will no longer be supported by all current browsers. Work on a complete rejection of Flash has been going on since 2017, when the official date was announced by Apple, Facebook, Google, Microsoft, Mozilla, as well as Adobe itself, when the system will ultimately be ‘put to death.’