I will update this diary as additional bulletins are released. Microsoft marked adobe’s bulletin as “not yet exploited”. However, according to Adobe and reports from the Korean Cert, one of the vulnerabilities has already been exploited, so I am marking it differently here, and assign it a “Patch Now” rating. Not much detail has been made public yet about this vulnerability, which is why I am leaving the “Disclosed” rating at “No”.
February 2018 Security Updates
| Description | |||||
|---|---|---|---|---|---|
| CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity |
| February 2018 Adobe Flash Security Update | |||||
| ADV180004 | No | Yes | – | – | PATCH NOW |
—
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
STI|Twitter|
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.