Recently there have been 0-Day exploits found for a few select Adobe products. They have released updates to address the exploit to keep its customers safe from hackers. The programs that have been updated are:

  • Adobe Flash Player
  • Adobe AIR
  • Adobe Flash Player
  • Adobe Acrobat

The new updates were to patch exploits and various vulnerabilities that are “critical” to preform. The vulnerabilities are 0-day exploits that allow attacks to bypass sandbox protection of the Adobe products and run elevated access under windows to natively run code and remotely control slave computers infected by the 0-day.

Kaspersky Labs Global Research and Analysis Team reported CVE-2014-0546, but would not give any technical information as they are not finished with the investigation. The do confirm that the exploit has been run in some recent computers before they were made aware of this exploit. 

The specific affected versions are:

  • Adobe Flash Player and earlier versions for Windows and Macintosh
  • Adobe Flash Player and earlier versions for Linux
  • Adobe AIR and earlier versions for Windows and Macintosh
  • Adobe AIR SDK and earlier versions
  • Adobe AIR SDK & Compiler and earlier versions
  • Adobe AIR and earlier versions for Android