The recent hack of the “Hacking Team” -a company that makes money from creating spyware for repressive governments – has uncovered evidence that they have been exploiting a yet unknown security hole which is present in all Adobe Flash players since version 7. Obviously based on the information obtained from the public dump of Hacking Team’s 400 GB Intranet data, there’s a Zero-Day exploit out there in the wild that is actively targeting computers (thanks mancha for the link). Adobe have released patched Flash player plugins today that fix this security hole and you are all urgently advised to update your flash player packages.
For your information: The updated Slackware package for chromium-pepperflash-plugin has version 184.108.40.206. The updated flashplayer-plugin has version 220.127.116.111. The Chromium plugin was taken from the Google Chrome 43.0.2357.132 RPM which was released yesterday. New packages for my own chromium package based on the sources of that same version are underway, expect those tomorrow.
Download locations for the Flash plugins:
- http://www.slackware.com/~alien/slackbuilds/ (master site)
- http://taper.alienbase.nl/mirrors/people/alien/slackbuilds/ (my own US mirror)
- http://alien.slackbook.org/slackbuilds/ (US)
- http://slackware.org.uk/people/alien/slackbuilds/ (UK)
If you are using the slackpkg+ extension for slackpkg, then you just run “slackpkg update && slackpkg update flash”. Alternatively, you can subscribe to my repository RSS feed to stay informed of any updates.