KLA10576 Flash Player update for Google Chrome

Google Chrome was updated to address vulnerabilities in Flash Player. For details look at KLA10574.

Original advisories

Google blog record

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Google-Chrome

CVE list

CVE-2015-3044 critical

CVE-2015-3089 critical

CVE-2015-3088 critical

CVE-2015-3084 critical

CVE-2015-3086 critical

CVE-2015-3091 critical

CVE-2015-3078 critical

CVE-2015-3079 critical

CVE-2015-3080 critical

CVE-2015-3081 warning

CVE-2015-3092 critical

CVE-2015-3090 critical

CVE-2015-3087 critical

CVE-2015-3077 critical

CVE-2015-3085 high

CVE-2015-3083 high

CVE-2015-3082 high

CVE-2015-3093 critical

Solution

Update to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk.

Get Google Chrome

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

• WLF

Write Local Files. Exploitation of vulnerabilities with this impact can lead to writing into some inaccessible files. Files that can be read depends on concrete program errors.

Affected Products

• Google Chrome versions earlier than 42.0.2311.152