Microsoft releases KB4074595 to address Adobe Flash Player remote code flaws

Recently, Adobe Flash Player remote code flaws were found by Korean Computer Emergency Response Team(KR-CERT). An attacker can persuade users to open Microsoft Office documents, web pages, spam e-mails, etc. that contain Flash files that distribute the malicious [Flash] code and take control of an affected system.

Flash 0day vulnerability that made by North Korea used from mid-November 2017. They attacked South Koreans who mainly do research on North Korea. (no patch yet) pic.twitter.com/bbjg1CKmHh

— IssueMakersLab (@issuemakerslab) February 1, 2018

On February 6, Adobe Flash Player has been updated to v28.0.0.161 to address vulnerabilities (CVE-2018-4878, CVE-2018-4877) in Flash Player.

Today, Microsoft released a new patch, code KB4074595, designed to fix the latest 0-day zero-day vulnerability in Adobe Flash Player. This patch is for  Windows 8/8.1/10/Server 2012. You can download the patch here.