Adobe has been very hard at work the last couple of months due to vulnerabilities in its Flash product. Just off the heels of one Adobe Flash zero-day vulnerability that was discovered as part of the data breach at the Hacking Team, now comes two additional vulnerabilities of Flash that has no patches yet for.
Security researchers around the world are urging consumers to completely disable Flash, at least for the time being. Adobe says it will patch the latest two vulnerabilities this week but its not known if there are still additional undiscovered vulnerabilities in the 400GB worth of data that was stolen from the Hacking Team.
The two new Adobe Flash zero-day vulnerabilities are identified as CVE-2015-5122 and CVE-2015-5123. How many other zero-day vulnerabilities are out there that “security companies” are holding for their own personal gain?