Adobe issued a patch for the zero-day on Wednesday.
The vulnerability could lead to arbitrary code execution.
Overall, the company released only three patches as part of its regularly-scheduled November update.
Google Play’s policy prohibits apps or SDKs that download executable code, such as dex files or native code, from a source other than Google Play
Threatpost’s editors discuss the top news of this week.
A fake Adobe update actually updates victims’ Flash – but also installs malicious cryptomining malware.
Adobe issued fixes for versions of its ColdFusion web development platform – including six critical flaws.
Adobe’s August Patch Tuesday release impacts Flash Player, and Acrobat DC and Reader.
Spam is back with a vengeance, thanks to the demise of attack vectors such as Adobe Flash.
Threatpost editors Tom Spring and Lindsey O’Donnell talk about the week’s biggest news.