All news related to Sangfor, our Products, our Events, etc.You can also follow our social media accounts such as Facebook, Twitter, etc. for more updates about Sangfor.

Flash Affected by Serious Remote Vulnerability

Flash affected by serious remote vulnerability. Sangfor NGFW already updated to protect user’s network security.

Recently, some world-renowned mediareported that Adobe Flash Player was affected by serious remote vulnerability.The vulnerability number is CVE-2015-0311 and it is currently being exploitedby hackers and is quite active. Adobe already released an updated version of Flash Player and urged users to upgrade as soon as possible, aimed at fixing this vulnerability.

The level of this vulnerability is defined as "critical" and it is described as “aggressively attack Windows 8.1 and below versions that run Internet Explorer and Firefox operating system through drive-by downloads”, which hackers can exploit this vulnerability to control the computer to automatically download malicious software and allow malicious code to execute locally, without the user's consent.

This vulnerability allows remote attackersto gain control over a user's computer and lead the victim system intodowntime. The Flash player on OSX platform of version and below,Windows platform of version and below, Linux platform of version and below, are very vulnerable to the attack.

Users can access Adobe's Flash Player page,or click on About Adobe (or Macromedia) Flash Player in the lower right cornerof the browser’s Flash page to check whether the Flash Player version they areusing has this vulnerability and take measures to automatically or manuallyupdate the Flash version.

Currently, virus samples that exploitedthis vulnerability have been widely disseminated on the Internet. Right afterthe vulnerability information release, Sangfor Security Team launched anemergency response mechanism in the first time. Through analyzing the vulnerability principle and extracting the attack feature of virus samples, we updated the vulnerability attack feature library of NGFW on January 26th. All online Sangfor NGFWs will be able to complete the update automatically, so that users who have deployed Sangfor NGFW don’t need to worry.

Sangfor Security Team has professionalengineers that collect 0day vulnerabilities every day. On the basis of the original vulnerability attack feature library, we keep updating and adding new features every 2 weeks. When encountering major security threats, such as Flash remote vulnerability, Sangfor Security Experts will analyze the threat within 24 hours and update vulnerability attack feature library in the first time to protect the user's network security.

For users who haven’t deployed Sangfor NGFW, you can send an email to or contact your local Sangfor office for more information.

Our Social Networks

Global Service Center: