1 Reply Latest reply on Apr 18, 2016 1:30 PM by m_vargas

    Clarification request - APSB16-10

    mdbabb

      Greetings;

       

      I am a patch admin for a fortune 1000 company and need to make sure I'm getting this right.  In the Adobe Security Bulletin 4/7/16 for APSB16-10 it states that:

      Adobe Security Bulletin

       

      "Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 10 and earlier with Flash Player version 20.0.0.306 and earlier."

       

      A little further down it also states: "Adobe recommends users of the Adobe Flash Player Extended Support Release should update to version 18.0.0.343".

       

      We are on the Extended Support Release version of Flash and are currently patching up to version 18.0.0.343.  However, this version is prior to 20.0.0.306 and my understanding is that it is still vulnerable to ransomware attacks according to the prior statement.

       

      Can I please get an affirmation on whether or not version 18.0.0.343 is vulnerable to ransomware as reported in CVE-2016-1019?

       

      Thanks in advance for your time.  Any advice is greatly appreciated.

      - Michael Babb